AstraVault locks your government IDs, PAN, passports, and medical records behind your vault passphrase and fingerprint biometrics — then encrypts everything with AES-256-GCM before it ever reaches the cloud.
Every document goes through a multi-layer encryption pipeline before it ever leaves your device. No exceptions.
Your vault passphrase is the cryptographic root — fingerprint biometrics (via Android BiometricPrompt) provide fast daily unlock. Passphrase is always the fallback.
Your passphrase is stretched through 600,000 PBKDF2-SHA256 iterations before deriving the SQLCipher key. Brute-force is computationally infeasible.
The AES-256-GCM master key lives inside the secure hardware enclave and cannot be exported — it never leaves your device.
Documents are encrypted in RAM, then uploaded directly to your private Google Drive. Plaintext bytes are zeroed immediately after encryption.
Smart OCR, intelligent categorization, 4-gate camera — built for the way real people manage critical documents.
Documents are encrypted in RAM before any I/O. Plaintext never hits your phone's storage. The Zero-Trace Protocol runs at the hardware level — no temp files, no cache leaks.
Real-time Blur, Luminance, Stability, and Aspect gates reject poor-quality frames automatically. Every scan is sharp and complete before capture is accepted.
ML Kit reads Latin and Devanagari text on-device, auto-categorizing across 18 document types — medical, legal, financial, identity, vehicle, property, and more.
Government IDs, PAN numbers, bank account numbers, and other sensitive identifiers are automatically detected and masked before any storage. Privacy is the default.
Lost your device? Trigger a remote wipe of all local secrets and databases via FCM — severing vault access permanently within seconds, from anywhere.
Encrypted documents sync to your own Google Drive. AstraSoft never sees your data — it's your Drive, your keys, your vault. Retrieve from any device anytime.
Sign in with Google, then unlock with fingerprint biometrics or your vault passphrase. Your passphrase is set on first use and is the cryptographic root of your vault.
Photograph documents with the 4-gate camera or import PDFs. OCR extracts text on-device, AI assigns the category — all private, all local.
Every document is AES-256-GCM encrypted in RAM, then synced to your private Google Drive. Access it on any device, whenever you need it.
Built from the ground up for Indian documents and Indian languages — with Devanagari OCR and privacy-first design baked in.
Document categories including national IDs, tax records, voter cards
Languages — English and Hindi (हिन्दी)
Privacy-first, zero-access document storage
OCR automatically detects 12-digit national ID patterns and masks the first 8 digits before any storage — protected by design.
Automatic PAN pattern recognition with selective field masking. Financial identity protected at capture time, not as an afterthought.
ML Kit reads Hindi and Devanagari script documents natively — bank statements, certificates, and official records in your language.
Data minimization, zero third-party analytics on documents, and full user data deletion support — privacy is a core architectural principle, not an afterthought.
One-time purchase. No subscriptions. No hidden fees. Your vault works forever.
AstraVault uses fingerprint biometrics for fast daily unlock and your vault passphrase as the cryptographic fallback. Your passphrase is set once and stored in Android's EncryptedSharedPreferences — it is never transmitted to any server.
AstraVault is zero-knowledge. Without your passphrase, nobody — including AstraSoft — can access your encrypted vault. Write your passphrase down and store it safely offline. There is no recovery option.
Encrypted document files live in your own private Google Drive. Only encrypted metadata (category, filename, OCR snippet ≤500 chars) lives locally in the SQLCipher database. Plaintext never touches disk.
Watch an optional 30-second ad to unlock +5 additional document slots for the day. This is entirely optional and can be repeated as needed — your vault access is never gated by ads.
Yes. Already-synced documents are available offline through the encrypted local database. New captures are queued and synced to Drive automatically when connectivity resumes — no data is ever lost.
AES-256-GCM via Android Keystore hardware enclave, SQLCipher for the local database, PBKDF2-SHA256 with 600,000 iterations for key derivation, and Android BiometricPrompt — all industry-standard, auditable primitives.