Technical documentation for legal professionals
This page provides the technical detail attorneys, probation officers, and judges need to evaluate Auditend attendance records. It covers our verification methodology, data integrity measures, chain of custody, and how to authenticate evidence for court proceedings.
Who this page is for
- •Defense attorneys presenting compliance evidence
- •Prosecutors evaluating attendance claims
- •Judges assessing the reliability of digital attendance records
- •Probation and parole officers monitoring compliance
- •Treatment providers requiring verified attendance documentation
Contents
Verification Methodology
Each Auditend check-in requires three independent, simultaneous verifications. All three must pass for a check-in to be recorded. No check-in can be created retroactively or without meeting all requirements at the time of submission.
GPS Location Verification
- •Device GPS coordinates are captured at the moment of check-in
- •Server-side haversine calculation verifies the participant is within 300 feet (91 meters) of the registered meeting address
- •Exact latitude, longitude, and accuracy radius are stored with each record
- •Location is checked once at check-in time only — no continuous or background tracking
- •Distance validation is performed server-side and cannot be bypassed by the client
Time Window Verification
- •Check-ins are only accepted within a defined time window around the scheduled meeting start time
- •Window: 1 hour before to 30 minutes after the meeting start
- •Timestamps are recorded in UTC using the server clock, not the device clock
- •Time validation is enforced server-side and cannot be manipulated by the client
Identity Verification (Video Selfie)
- •A 3-second front-camera video is recorded at each check-in
- •Video provides stronger identity evidence than a single photo — captures natural movement, making spoofing significantly harder
- •A still-frame thumbnail is extracted for inclusion in PDF court reports
- •Video is uploaded directly to secure cloud storage with a time-limited signed URL
- •A SHA-256 hash of the video file is computed and stored, enabling detection of any post-capture modification
Server-side enforcement
All three verifications are enforced by the server (Supabase Edge Functions), not the mobile app. The app collects and transmits the data, but the server independently validates location proximity, time window compliance, and evidence file integrity before recording a check-in. A compromised or modified app cannot bypass server-side validation.
Data Integrity & Chain of Custody
Auditend implements multiple layers of data integrity protection to ensure records are trustworthy from the moment of creation through court presentation.
ECDSA Digital Signatures
Every check-in record is digitally signed using ECDSA (Elliptic Curve Digital Signature Algorithm) with P-256 keys. This is the same cryptographic standard used in TLS/SSL, banking systems, and government digital credentials.
- •The signing key is held server-side only and is never exposed to the client
- •The signature covers the check-in ID, user ID, meeting ID, timestamp, GPS coordinates, and evidence hash
- •Any modification to any signed field invalidates the signature
- •Signatures can be independently verified using the public key
Evidence File Hashing (SHA-256)
Each photo or video selfie is hashed using SHA-256 after upload. The hash is stored alongside the check-in record.
- •If the evidence file is modified after upload, the hash will no longer match
- •Hash verification is performed automatically during report generation and online verification
- •SHA-256 is a one-way function — it is computationally infeasible to produce a different file with the same hash
Immutable Audit Trail
Every check-in creates a corresponding entry in a separate, append-only audit log. Database triggers enforce this automatically.
- •The audit log is append-only — entries cannot be updated or deleted, even by administrators
- •Database triggers automatically copy all check-in data to the audit log at creation time
- •Critical fields (timestamp, GPS, evidence hash, signature) are protected from modification by database-level constraints
- •Any discrepancy between the check-in record and audit log indicates potential tampering
Evidence Preservation
- •Photo and video evidence is stored in encrypted cloud storage (Supabase Storage / AWS S3)
- •Evidence is encrypted at rest (AES-256) and in transit (TLS 1.2+)
- •Access requires time-limited signed URLs generated only for authenticated, authorized users
- •Deleted accounts preserve check-in records and evidence (soft delete) to maintain audit trail integrity
Chain of custody: check-in to court report
Capture
App records GPS + video selfie, submits to server
Validation
Server validates location, time window, creates check-in record
Signing & Hashing
Server computes SHA-256 hash of evidence, signs record with ECDSA
Audit Log
Database trigger copies record to append-only audit log
Report Generation
On request, server re-verifies signatures and hashes, generates PDF with verification code
Independent Verification
Any party can verify the report at auditend.com/verify using the printed verification code
Evidence Authentication
Each Auditend attendance report can be independently verified without requiring an account, special software, or cooperation from the participant.
Online verification process
- 1
Locate the verification code on the report
Format:
VER-YYYY-XXXXXX - 2
Visit auditend.com/verify
No account or login required
- 3
Enter the verification code
System confirms authenticity and displays the original stored data
What verification confirms
Report authenticity
Confirms the report was generated by Auditend and has not been modified
Digital signature validity
ECDSA signatures on each check-in are verified against stored records
Evidence file integrity
SHA-256 hashes confirm photos and videos have not been altered since capture
Data consistency
Report data is compared against the immutable audit log to detect discrepancies
Data included in court reports
Each generated PDF attendance report includes:
Participant name
As registered in the system
Date range
Report coverage period
Meeting details
Name, date, time for each attendance
GPS coordinates
Lat/lng with distance from meeting
Verification photo
Timestamped selfie thumbnail
Verification code
For independent online verification
Integrity status
Signature and hash verification results
Compliance summary
Total meetings, frequency, method breakdown
Anti-Fraud Measures
Auditend employs multiple overlapping safeguards to prevent fraudulent check-ins. No single measure is relied upon in isolation.
Prevention
Server-side validation
All location, time, and evidence checks are performed server-side. Modifying the app does not bypass validation.
Video selfies over photos
3-second video captures natural movement, making it significantly harder to spoof with a static image or screenshot.
No retroactive check-ins
Check-ins can only be created during the meeting time window. There is no way to add or backdate records after the fact.
One check-in per meeting
Database constraint prevents duplicate check-ins for the same meeting by the same user.
Anomaly Detection
Automated checks flag suspicious patterns for review. Flags are advisory and do not block check-ins.
Velocity detection
Flags check-ins at locations that would require implausible travel speed from the previous check-in (greater than 150 mph / 240 km/h)
Frequency detection
Flags unusually high check-in frequency (more than 5 check-ins within 24 hours)
Shared device detection
Flags when the same physical device is used by different accounts within a short time period
Post-Creation Tamper Evidence
- •ECDSA signatures detect modification of any signed field
- •SHA-256 hashes detect modification of evidence files
- •Append-only audit log provides an independent copy of original data
- •Database constraints prevent users and administrators from modifying protected fields
- •Device fingerprinting records the device model, OS version, and app version used for each check-in
Sample Court Declaration
The following template may be adapted by defense attorneys when presenting Auditend records as evidence. This is a starting point — attorneys should modify it to suit their jurisdiction and case.
DECLARATION RE: DIGITAL ATTENDANCE RECORDS
I, [ATTORNEY NAME], declare as follows:
1. I am the attorney of record for [DEFENDANT NAME] in the above-entitled action.
2. Attached hereto as Exhibit [X] is an attendance report generated by Auditend, a digital attendance verification system. The report covers the period from [START DATE] to [END DATE].
3. Auditend verifies meeting attendance through three simultaneous requirements: (a) GPS confirmation that the participant is within 300 feet of the registered meeting address; (b) a timestamped video selfie for identity verification; and (c) check-in during the scheduled meeting time window.
4. Each check-in record is digitally signed using ECDSA cryptography and the evidence file is hashed using SHA-256. These measures ensure that records cannot be modified after creation without detection.
5. The report bears verification code [VERIFICATION CODE], which can be independently verified at auditend.com/verify by any party without requiring an account or special software.
6. I have verified the report using the above code and confirmed that all digital signatures are valid and all evidence file hashes match the stored originals.
7. The report documents [NUMBER] verified meeting attendances during the report period.
I declare under penalty of perjury under the laws of the State of [STATE] that the foregoing is true and correct.
Dated: _______________
_________________________
[ATTORNEY NAME]
Attorney for [DEFENDANT NAME]
This template is provided for informational purposes only and does not constitute legal advice. Attorneys should adapt it to comply with local rules and procedures.
FAQ for Legal Professionals
Questions from legal professionals
If you need additional technical detail, expert testimony coordination, or have questions about a specific report, we are available to assist.