Frequently Asked Questions

GFAE (Three-Factor Entropy-Fused Geo-Fenced Encryption) is a patent-pending system that binds cryptographic key derivation to three concurrent conditions: verified physical location context, registered hardware attestation, and an authorised time window. All three conditions must be satisfied for the working decryption key to be re-derived. It is not a policy layer; it is a cryptographic constraint.

Browser geolocation and IP-based access control are policy checks that can be bypassed or spoofed at the software layer. GFAE incorporates physical signal-quality context from GNSS receivers as an input to the key derivation function. The key derivation itself changes based on the physical environment. This is a fundamentally different architectural role: the location context is baked into the cryptographic output, not checked after the fact.

Fail-closed means that when any required condition is missing or invalid, such as an absent GNSS signal, expired time window, or failed hardware attestation, the system denies access and does not expose the protected key material. There is no fallback to an insecure mode. This design is intentional: for high-assurance deployments, a brief availability interruption is preferable to an insecure fallback.

GFAE is patent pending, not yet patent granted. The application has been filed (GB2610661.7) and covers the three-factor entropy-fused geo-fenced encryption architecture. The patent process is ongoing.

GNSS signals have well-documented indoor limitations and are affected by urban canyon environments and signal obstruction. GFAE's design acknowledges these limitations and does not claim to work perfectly in all environments. Indoor deployments may require supplementary signal sources or alternative positioning mechanisms. This is a known constraint that should be evaluated for each deployment context.

No. GFAE is designed to complement existing identity and access management, network security, and operational security. It addresses a specific gap: the ability to cryptographically enforce that key derivation is impossible outside an authorised physical and temporal context. IAM, network controls, monitoring, and operational procedures remain required.

Compliance-by-Geometry is GFAE's core positioning concept. In regulated sectors, data access is often governed by geographic boundaries (healthcare facility, national jurisdiction, secure zone). Compliance-by-Geometry means those boundaries are not just written in policy documents; they become cryptographic enforcement conditions. The regulatory boundary and the encryption boundary become the same boundary.

Post-quantum cryptography refers to algorithms designed to remain secure against attacks by quantum computers. Current widely-deployed key exchange algorithms (RSA, ECDH) are theoretically vulnerable to quantum attacks. GFAE uses ML-KEM-1024 (standardised in NIST FIPS 203) for key establishment. This matters now because of the 'harvest-now, decrypt-later' threat: adversaries may be capturing encrypted data today to decrypt once quantum computers are capable.

GFAE Global offers technical briefings, NDA-covered architectural disclosure, and pilot programme discussions. For defence, healthcare, space, critical infrastructure, and regulated enterprise use cases, please use the contact form to describe your context. An illustrative simulation is also available on the Demo page.

No. GFAE Global is an early-stage company with patent-pending technology. The system has not been independently validated by the UK government, NHS, NCSC, or any certification body. These processes are part of the company's roadmap. Any claim of approval or certification would be inaccurate and is not made.