Offline and Secure: Why Biometric Locking Is the Future of Cleaning Apps

Two things quietly undermine field cleaning software: shared passwords and dead zones. The first means you can never be sure who actually did the work; the second means the moment signal drops, the record stops. Biometric locking and an offline-first design fix both — and together they're what make a cleaning app trustworthy enough to build an operation on.

Bind access to a person, not a password

A password can be shared, written on a wall, or passed around a team — which is exactly why password-based logins can't prove who was on site. Tyst uses the hardware-backed biometric sensors already in every modern phone to tie access to a physical identity:

• Method — Face ID, Touch ID or fingerprint via Android's BiometricPrompt.
• Storage — credentials live in the device Secure Enclave (iOS) or Trusted Execution Environment (Android).
• Encryption — AES-256 at rest, with matching performed on-device only.
• Privacy — raw biometric data never leaves the handset.

The result is 100% accurate labour attribution and the end of unauthorised account usage — without slowing anyone down at the door.

Authentication that survives losing signal

Tyst works in two network states, and authentication persists across both via a local token vault. Online, the backend issues OAuth2 access and refresh tokens, the device generates a unique offline credential, and a biometric signature binds that credential to the hardware. Offline, a successful biometric match unlocks the encrypted local vault, and the cached credential grants access to the day's data — no connection required.

• Access token — API-validated online; served from the cached vault offline.
• Data source — cloud database online; encrypted local store (SQLCipher) offline.
• Latency — network-dependent online; under 50 ms offline.
• Sync — real-time online; queued offline, then reconciled.

An offline-first data layer

Cleaning happens in basements, valleys and remote holiday parks where signal is never guaranteed, so Tyst treats the local database as the primary source of truth rather than a fallback. The on-device store is encrypted per row, holds 500+ units of cached work, and resolves conflicts by timestamp when it reconnects. In practice the field flow is simple: download the day's requirements while there's signal, complete the work in a zero-signal environment, capture photo and video evidence, log GPS and timestamps, and let it all queue for upload.

Every action becomes proof

Security and offline reliability only matter because of what they protect: the evidence. Tyst removes subjectivity by capturing every action with high-fidelity metadata stacked on top of each photo:

• Resolution — 1080p minimum, so detail holds up.
• Location — GPS accurate to within five metres.
• Time — ISO 8601 (UTC) signatures.
• Attribution — a biometric-verified user ID, with embedded watermarking.

Layer on QR- or GPS-verified unit IDs, completed checklists, categorised defect reports and immediate lost-property logging, and every job carries its own proof of service.

Reliability you can scale on

All of that activity converts into live performance metrics — completion rate, turnaround time, staff efficiency, defect frequency — visible to managers and, through read-only portals, to clients. Underneath, the platform is built on microservices with auto-scaling and distributed media storage against a 99.9% uptime target. Biometric locking prevents credential fraud, offline-first design guarantees continuity, and automated evidence capture replaces manual oversight.