
Google claims the Vault is completely transparent to its host devices and shows up as any ordinary storage destination. It is completely device- and OS-agnostic and only needs to be plugged in to work. Compatible apps can interact with two dedicated files: one that must be written to and the other that can only be read from. The rest of its file system is fake, and any interaction with it will result in a standard “bad sector” error, preventing even the host device from seeing what goes in and out of the Vault. No special drivers or user intervention are required. This means that a user’s security is maintained even if he or she moves the Vault between multiple host devices, no matter how insecure they might be.
The device and its software support text messaging, voice, and video streaming, as long as parties on both ends have their own Vault cards. Immutable hardware logging features would help owners determine if anyone has tried tampering with their Vault. Google is using 500 prototype cards internally and hopes to have commercial products out soon, with enterprise customers targeted first and consumer applications rolling out later. An open-source kit including development hardware and source code is already available.