Skip to main content

Key Concepts & Terminology

Essential terms and concepts for understanding Torvus Security

Understanding these core concepts will help you get the most out of Torvus Security and configure your vaults effectively.

Core Components​

Vaults​

What it is: An encrypted container for storing documents and sensitive information.

Key Features:

  • End-to-end encryption: Data encrypted on your device before upload
  • Zero-knowledge architecture: Torvus cannot access your vault contents
  • Flexible organization: Tag and categorize documents
  • Shared or private: Control who can access your vault

Analogy: Think of a vault as a digital safety deposit box with programmable locks.

Example Use Cases:

  • Personal vault for family documents
  • Business vault for company records
  • Legal vault for client files
  • Cryptocurrency vault for wallet recovery keys

Recipients​

What it is: Trusted individuals designated to receive vault access when release policies trigger.

Key Features:

  • Verification required: Recipients must verify their identity before gaining access
  • Role-based permissions: Control what each recipient can do
  • Multiple recipients: Add as many as your plan allows
  • Notification system: Recipients are notified when vault is released

Permissions Levels:

  • Viewer: Read-only access to documents
  • Operator: Can view and upload documents
  • Admin: Full access including vault management (cannot delete vault)
  • Owner: Complete control including deletion

Example Scenario: You designate your spouse as "Admin" and your attorney as "Viewer" for your estate planning vault. If your inactivity policy triggers, both receive accessβ€”your spouse can manage documents while your attorney can review them.

Policies​

What it is: Automated rules that determine when and how your vault is released to recipients.

Why Important: Policies ensure your information reaches the right people at the right time, even if you can't deliver it yourself.

Policy Types:

1. Inactivity Policy​

Releases vault if you don't check in for a specified period.

How It Works:

  1. You set check-in frequency (daily, weekly, monthly)
  2. System sends reminders before check-in is due
  3. If you miss check-in, grace period begins
  4. If grace period expires without check-in, vault releases to recipients

Best For:

  • Personal emergency planning
  • Travel safety
  • Business continuity

2. Manual Release​

Immediately releases vault with a button press.

How It Works:

  1. You click "Emergency Release" button
  2. System requires 2FA confirmation
  3. Vault immediately releases to all designated recipients
  4. Recipients receive instant notification

Best For:

  • Emergency situations
  • Medical emergencies
  • Security threats

3. Date-Based Release​

Automatically releases vault on a specific date.

How It Works:

  1. You set future release date
  2. System automatically releases vault at specified time
  3. Recipients receive access on that date

Best For:

  • Future-dated information delivery
  • Time capsules
  • Scheduled disclosures

4. Death Certificate Verification​

Releases vault after verified death certificate is submitted.

How It Works:

  1. Designated contact submits death certificate
  2. Torvus verifies authenticity with issuing authority
  3. After verification, vault releases to recipients

Best For:

  • Estate planning
  • Will distribution
  • Digital inheritance

Check-ins​

What it is: Your periodic confirmation that you're active and have access to your account.

How It Works:

  1. System sends reminder before check-in is due
  2. You complete check-in via email, SMS, mobile app, or API
  3. Next check-in is scheduled based on your frequency setting
  4. If you miss check-in, grace period begins

Check-in Methods:

  • Email: Click link in email reminder
  • SMS: Reply to text message with code
  • Mobile App: Tap check-in button
  • API: Automated check-in from your systems

Frequency Options:

  • Daily: Every 24 hours (high-security use cases)
  • Weekly: Every 7 days (frequent travelers)
  • Biweekly: Every 14 days (balanced approach)
  • Monthly: Every 30 days (most common)

Grace Period: Extra time if you miss a check-in (typically 24-72 hours depending on plan).

Security Concepts​

End-to-End Encryption​

What it is: Your data is encrypted on your device before being sent to Torvus servers.

Why Important: Even if Torvus servers were compromised, your data remains encrypted and unreadable.

How It Works:

  1. You upload a document
  2. Your browser encrypts the file using AES-256 encryption
  3. Encrypted file is sent to Torvus servers
  4. Only you (and recipients when released) can decrypt the file

Technical Details:

  • Algorithm: AES-256-GCM
  • Key Derivation: PBKDF2 with 100,000 iterations
  • Salt: Unique per vault
  • Zero-knowledge: Torvus never has access to encryption keys

Zero-Knowledge Architecture​

What it is: Torvus Security has no knowledge of your vault contents, encryption keys, or passwords.

What Torvus Can See:

  • Your email address
  • Vault metadata (name, creation date, size)
  • Check-in activity
  • Recipient list (names and emails)

What Torvus Cannot See:

  • Vault contents (documents)
  • Document names (encrypted)
  • File contents (encrypted)
  • Your master password (hashed)

Benefit: Even under legal compulsion or data breach, your vault contents remain private.

Two-Factor Authentication (2FA)​

What it is: A second layer of security beyond your password.

Methods Supported:

  • TOTP (Time-based One-Time Password): Authenticator apps (Authy, Google Authenticator)
  • SMS: Text message codes
  • Hardware Keys: YubiKey, Titan Security Key (Professional plan and above)

When Required:

  • Login to Torvus Security
  • Manual emergency release
  • Changing account settings
  • Adding/removing recipients

Verification Process​

What it is: Identity verification required before recipients can access released vaults.

Verification Steps:

  1. Recipient receives release notification
  2. Recipient clicks secure link and creates account
  3. Recipient verifies identity (email verification + optional ID verification)
  4. Recipient gains access to vault contents

Why Important: Prevents unauthorized access even if someone intercepts release notification.

Advanced Concepts​

Vault Members vs Recipients​

Vault Members:

  • Collaborate on vault while you're active
  • Can view/upload documents in real-time
  • Require explicit invitation from vault owner
  • Permissions: Viewer, Operator, Admin

Recipients:

  • Designated to receive vault access when policies trigger
  • Do not have access until vault is released
  • Automatically receive access when policy conditions are met
  • Permissions: Set at time of designation

Example: You share a business vault with your COO as a "Vault Member" (Admin) for daily collaboration. You also designate your attorney as a "Recipient" (Viewer) who only gets access if your inactivity policy triggers.

Grace Periods​

What it is: Extra time after a missed check-in before vault releases to recipients.

How It Works:

  1. You miss scheduled check-in
  2. Grace period begins (24-72 hours depending on plan)
  3. System sends urgent reminders
  4. If you check in during grace period, release is canceled
  5. If grace period expires, vault releases to recipients

Grace Period by Plan:

  • Free: 24 hours
  • Standard: 48 hours
  • Professional: 72 hours
  • Enterprise: Custom (up to 7 days)

Use Case: You're traveling and miss a check-in due to lack of internet. Grace period gives you time to find connectivity and complete check-in before vault is released.

Release Notifications​

What it is: Alerts sent to recipients when a vault is released.

Notification Channels:

  • Email: Detailed message with secure access link
  • SMS: Brief alert with link (if phone number provided)
  • In-App: Notification in Torvus mobile app (if installed)

What Recipients Receive:

  • Notification that a vault has been released to them
  • Vault name and description
  • Reason for release (inactivity, manual, date-based, death certificate)
  • Instructions for accessing vault contents
  • Secure link to claim access

Audit Logs​

What it is: Detailed record of all actions taken on your vaults.

What's Logged:

  • Document uploads/downloads
  • Check-in activity
  • Policy changes
  • Recipient additions/removals
  • Vault member activity
  • Emergency releases

Available On:

  • Professional plan and above
  • Console (admin panel)
  • Exportable as CSV

Use Case: Track who accessed documents and when, useful for compliance and security auditing.

Terminology Quick Reference​

TermDefinition
VaultEncrypted container for documents
RecipientPerson designated to receive vault access
PolicyRule determining when vault releases
Check-inPeriodic confirmation of activity
Grace PeriodExtra time after missed check-in
Inactivity PolicyReleases vault if check-ins stop
Manual ReleaseImmediate vault release (emergency)
Date-Based ReleaseScheduled future release
Death CertificateRelease after verified death
End-to-End EncryptionEncryption on device before upload
Zero-KnowledgeTorvus cannot access vault contents
2FATwo-factor authentication
Vault MemberCollaborator with real-time access
OwnerCreator of vault (full control)
Audit LogRecord of all vault activity

Understanding Vault Lifecycle​

Phase 1: Creation​

  1. Owner creates vault
  2. Uploads initial documents
  3. Adds vault members (optional)

Phase 2: Active Use​

  1. Owner and vault members upload/manage documents
  2. Owner configures release policies
  3. Owner designates recipients
  4. Owner completes regular check-ins (if inactivity policy active)

Phase 3: Release Trigger​

  1. Policy condition is met (missed check-in, date reached, manual trigger, death certificate)
  2. System initiates release process
  3. Recipients are notified

Phase 4: Recipient Access​

  1. Recipients verify identity
  2. Recipients gain access to vault contents
  3. Recipients can view/download documents based on permission level
  4. Audit log records all access

Phase 5: Post-Release​

  1. Vault remains accessible to recipients
  2. Owner (if alive and manual release was used) can revoke access
  3. Vault can be archived or deleted by owner

Common Misunderstandings​

❌ "Torvus can see my documents"​

Correction: Torvus uses zero-knowledge architecture. Your documents are encrypted on your device before upload. Even Torvus staff cannot access your vault contents.

❌ "Recipients have access to my vault immediately"​

Correction: Recipients only receive access when a release policy triggers. Until then, they have no access to your vault.

❌ "If I miss one check-in, my vault is immediately released"​

Correction: Grace periods give you extra time. If you miss a check-in, you have 24-72 hours (depending on plan) to complete it before release.

❌ "I can only have one policy per vault"​

Correction: Standard and Professional plans support multiple simultaneous policies. For example, you can have both an inactivity policy (monthly check-ins) AND a date-based release (specific future date).

❌ "Manual release is permanent"​

Correction: If you trigger a manual release accidentally, you can revoke recipient access before they claim it (within a short window, typically 1 hour).

Next Steps​

Now that you understand core concepts:

  1. Create Your First Vault: Put concepts into practice
  2. Configure Policies: Set up release conditions
  3. Add Recipients: Designate trusted individuals
  4. Best Practices: Learn recommended configurations

Last Updated: October 7, 2025