Personal Data.
Together.

One vault that is the truth. Apps borrow under per-field consent — they never own. Update once; every connected app finds out within seconds.

BoxOwl is launching — join the private beta
Private by design · End-to-end encrypted secrets · GDPR & CCPA ready
For people

Your data. Your control.

One vault that is the truth about your name, address, payment methods, and identity. Every app you connect reads from it under per-field consent. Update once; everywhere updates within seconds. Nothing about you lives in twenty places anymore.

One vault is the truth

Your name, address, payment methods, and identity live in one place — the vault you own. Connected apps render live views over it; nobody else keeps their own writable copy.

Updates propagate everywhere

Change your address once and every connected app finds out within seconds. No more updating twenty profiles after a move — the vault tells them for you.

You see who reads what

Every connected app, every field it reads, every actual read in the last 30 days — visible in one screen. Downgrade a scope or revoke the whole connection with one click.

Encryption where it matters

Passwords, secure notes, and payment methods are end-to-end encrypted — even we can't read them. The rest of the vault stays server-readable so apps can borrow it live under your consent, protected by AES-256 + TLS 1.3.

Autofill on every device

The consequence of one source of truth: forms fill themselves on every browser and every device, with a per-field picker so you choose exactly which address or card, every time.

For organizations

Two tiers, one protocol.

Every tier ships as a signed JWT on a request header — JWKS-verified locally, no callback per request. Pick the depth your use case needs; tiers are additive.

Tier 1

SMRT

Anonymous preference signals. Zero config.

Register your domain. The extension injects a signed JWT on every request from any BoxOwl user — carrying their opt-in preference profile (age band, region, style, palette, interests), never their identity. Personalize the first paint without ever asking a question.

  • Rotating session UID — uncorrelatable
  • User-controlled, org-agnostic profile
  • JWKS-verified RS256, 10-min TTL
  • No API key, no consent flow
X-BoxOwl-Smrt JWT · RS256 · yoursite.com
{
  "sub":  "3f5c2d8e-7b13-…",
  "smrt": {
    "ageBand":      "25-34",
    "region":       "CO",
    "styleRoots":   ["minimalist"],
    "colorPalette": "earth-tones"
  }
}
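The local check described above (RS256 signature, JWKS key lookup, 10-minute TTL) as it might look on a relying site; this is an added example, not BoxOwl's code. Assumed rather than taken from the page: the `kid` header, the `iat`/`exp` claims, and the `mint`/`verifySmrt` helper names; the key pair and tokens are constructed locally in place of BoxOwl's published JWKS.

```javascript
// Added example (not BoxOwl code): verify an RS256 token like X-BoxOwl-Smrt locally.
const nodeCrypto = require("node:crypto");

const MAX_TTL = 600; // seconds; the page states a 10-min TTL for the Tier 1 token
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
const dec = (seg) => JSON.parse(Buffer.from(seg, "base64url").toString("utf8"));

// Constructed key pair standing in for the issuer's signing key. A relying
// site would hold only the public JWKS, fetched once and cached.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const JWKS = { keys: [{ ...publicKey.export({ format: "jwk" }), kid: "demo-1" }] };

// Hypothetical helper for the demo: sign claims the way an issuer would.
function mint(claims, header = { alg: "RS256", kid: "demo-1" }) {
  const input = `${enc(header)}.${enc(claims)}`;
  const sig = nodeCrypto.sign("sha256", Buffer.from(input), privateKey);
  return `${input}.${sig.toString("base64url")}`;
}

// Hypothetical verifier: returns the claims or throws the rejection reason.
// Assumes standard `kid`, `iat` and `exp` fields, which the page does not show.
function verifySmrt(token, jwks, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed");
  const [h, p, s] = parts;
  const header = dec(h);
  // Pin the algorithm so the token cannot select "none" or an HMAC mode.
  if (header.alg !== "RS256") throw new Error("bad alg");
  const jwk = jwks.keys.find((k) => k.kty === "RSA" && k.kid === header.kid);
  if (!jwk) throw new Error("unknown kid");
  const key = nodeCrypto.createPublicKey({ key: { kty: "RSA", n: jwk.n, e: jwk.e }, format: "jwk" });
  const signed = Buffer.from(`${h}.${p}`);
  if (!nodeCrypto.verify("sha256", signed, key, Buffer.from(s, "base64url"))) {
    throw new Error("bad signature");
  }
  // Only read claims after the signature has been checked.
  const claims = dec(p);
  if (!Number.isInteger(claims.iat) || !Number.isInteger(claims.exp)) throw new Error("missing times");
  if (claims.exp <= now) throw new Error("expired");
  if (claims.exp - claims.iat > MAX_TTL) throw new Error("ttl too long");
  return claims;
}
```

Because the profile arrives on a request header, treat it as untrusted input until `verifySmrt` returns, and cache the JWKS rather than fetching it per request.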
Tier 2

PDaaS

Identified recognition. On-demand vault access.

One-tap connect grants your org a pairwise identity JWT on every visit — name, verified flag, stable per-org orgUid. Optional REST API reads consented vault fields (address, contact, payment) under scoped org keys. Compliance, exports, audit logs handled.

  • Pairwise orgUid prevents cross-org correlation
  • Tier 1 SMRT profile embedded in every Identity JWT
  • Consent-gated REST API + HMAC webhooks
  • Live propagation: vault updates fire customer.vault.user-updated to every connected app within seconds
  • Optional org-stored tags claim for silent customer matching
  • Batch sync API for missed-events recovery
  • GDPR/CCPA/LGPD obligations delegated
X-BoxOwl-Identity JWT · RS256 · 30-min TTL
{
  "sub":      "orgUid-7c4f-…",
  "name":     "Kira James",
  "verified": true,
  // value set is {smrt, pdaas} pending PRICE-NEW-006 confirmation
  "tier":     "pdaas",
  "smrt":     { /* … */ }
}
One protocol, two tiers — additive.

Trust isn't a section. It's the architecture.

Encryption where it counts, residency where it's required, and audit logs for every read.

  • E2E encrypted: Payment methods & secure notes. We can't read them.
  • Regional residency: GDPR, CCPA, LGPD, POPIA out of the box.
  • did:web identity: Cryptographic, portable, resolvable.
  • Audit by default: Every read, write, delete — actor + IP + key.

Take your data with you.

BoxOwl is in private beta. Join the waitlist for a registration token, or talk to us about PDaaS for your team.