iViu Insights Company Platform Overview
Technical Overview & Use Case Guide · 2026

The iViu Insights Platform
How It Works, Use Cases & Simulations

A complete guide to the iViu Insights signal intelligence and consumer analytics platform — the sensing technology, the real-time processing pipeline, the analytics it produces, the industries it serves, and the interactive simulations that demonstrate it in action.

DocumentPlatform Overview Edition2026 ClassificationPublic FormatWeb · Print / PDF
Jump to Contents
01 / Platform Overview

One sensing platform.
Two families of intelligence.

SECTION 01

iViu Insights has been developing scalable indoor and perimeter positioning technologies since 2013. The platform delivers real-time, high-accuracy intelligence supporting safety, security, analytics, and business decision-making across critical infrastructure and commercial environments. It is engineered for straightforward deployment: install patented iDTag™ sensors, connect them to a network, and the platform does the rest — no site surveys, no fingerprint databases, no recalibration cycles.

Every capability is built on the same foundation: iDTag sensors passively detect Wi-Fi-enabled devices — smartphones, tablets, wearables — hundreds of times per second, at position accuracy under one meter. That single stream of anonymous device observations powers two product families: Signal Intelligence (SIGINT) for perimeter protection and threat detection, and Consumer Journey Analytics for understanding how people move through and engage with physical spaces.

The platform at a glance

250+Enterprise Customers
10,000+Sensors Shipped Worldwide
<1mPosition Accuracy
351MSamples Processed Daily (avg)
50.2BSignals Processed Year-to-Date
1T+Samples Processed Since 2013
1–3sAlert Delivery Latency
24/7Automated Health Monitoring

What makes it different

Self-Calibrating

  • Adapts automatically to environmental changes — moved fixtures, new walls, seasonal layouts
  • No fingerprinting surveys or manual recalibration, ever
  • Sensors are plug-in devices: power plus network is all that is required

Passive & Anonymous

  • No app installs, no beacons, no opt-in required from visitors
  • Device identifiers are anonymized and encrypted at the point of collection
  • Defeats MAC randomization without ever identifying a person

Real-Time & Historical

  • Proximity alerts published within one to three seconds of detection
  • Live occupancy and positioning views for operations teams
  • Deep historical analytics — dwell, journeys, conversion, repeat visits
02 / How It Works

From raw RF signal to intelligence,
in six stages.

SECTION 02

Every insight the platform produces — a security alert, a conversion metric, a heatmap — begins as a radio-frequency observation made by an iDTag sensor. The pipeline below runs continuously, at every monitored location, processing hundreds of millions of samples per day.

STAGE 01 Sense iDTag sensors passively collect RF signals from every Wi-Fi-enabled device in range — hundreds of observations per second per sensor. Each observation captures an anonymized device identifier, signal strength (RSSI), and precise timestamps. Sensors stay time-synchronized via the platform's dedicated network time service, so multi-sensor observations can be correlated to the millisecond.
STAGE 02 Ingest Observations stream to the platform over encrypted MQTT, TCP, or UDP transports. A high-throughput ingestion gateway parses detection events, sensor status events, and compact binary telemetry, then lands them in the platform's event store. Sensor health — battery, resets, heartbeats — is tracked continuously, and unresponsive sensors are automatically recovered.
STAGE 03 Resolve Modern phones randomize their MAC addresses to evade tracking — which defeats naive Wi-Fi analytics. The platform's de-randomization engine builds RF behavioral fingerprints from each device's transmission patterns and groups randomized identities back to a single stable, anonymous device identity. This is the foundation for accurate counting, dwell, and repeat-visit measurement.
STAGE 04 Position A positioning engine converts multi-sensor signal strength observations into physical coordinates using weighted-centroid and solver algorithms. Quality gates suppress sub-meter jitter, reject physically impossible movement, and constrain positions to floor-plan zones — delivering stable trajectories at under one meter of accuracy without any calibration.
STAGE 05 Classify Every resolved device is classified using per-location rules: visitor, stationary device, staff, or excluded (e.g., known infrastructure). Classification separates genuine customer traffic from employees and fixed equipment, so analytics reflect real visitor behavior — and security rules can treat known and unknown devices differently.
STAGE 06 Analyze & Act Classified, positioned data feeds two engines in parallel: the SIGINT engine evaluates proximity, dwell, and threat rules and publishes alerts in real time; the analytics engine aggregates visits into KPIs — traffic, dwell, conversion, new vs repeat — served through dashboards, APIs, and scheduled reports. Health monitors watch every stage and raise operational alerts automatically.
03 / System Architecture

A layered, service-oriented architecture.

SECTION 03

The platform is composed of independent, horizontally scalable services organized in five layers. Each layer communicates through well-defined interfaces — message queues, databases, and REST APIs — so capacity can be added exactly where a deployment needs it, from a single store to a national sensor network.

Layer 1
Sensor Field
iDTag™ sensors — passive RF collection
Time sync service (SNTP)
Remote config & OTA firmware updates
Automated sensor health & recovery
Layer 2
Ingestion
Listener gateway — MQTT / TCP / UDP
Event parsing & validation
High-throughput event store
Relational analytics store
Layer 3
Processing
De-randomization — device resolution
Positioning engine — <1 m accuracy
Visitor classification rules
Distributed work scheduling
Layer 4
Intelligence
SIGINT engine — real-time alerts
KPI aggregation — daily / hourly / zone
Summary data feeds
Scheduled reporting
Layer 5
Delivery
Web portals — analytics & operations
Partner portal & user management
REST APIs & MQTT M2M integration
Email / SMS notifications

Infrastructure & operations

Service RuntimeCompiled Go microservices — small footprint, high concurrency, deployed as native binaries under systemd
Event StorageDocument store for high-throughput raw event ingestion and device fingerprint data
Analytics StorageRelational store for per-location detection, status, position, and KPI tables
MessagingMQTT broker with mutual-TLS client-certificate authentication for sensors and partner integrations
Cloud ServicesAzure Blob Storage for summary feeds and automated backups; Azure Communication Services for notifications
Web Deliverynginx-served portals with token-based sessions, TOTP two-factor authentication, and per-app authorization
ResilienceContinuous automated backups of all stores; point-in-time restore; per-location health checks every cycle
MonitoringDedicated alerting service checks listeners, processing lag, sensor heartbeats, and data freshness around the clock
04 / Signal Intelligence

SIGINT — real-time proximity
detection and threat response.

SECTION 04

The SIGINT platform turns the sensor field into a continuous perimeter-intelligence system. Sensors at a protected location passively observe every RF-emitting device nearby — each identified by an anonymous device identifier, estimated distance, signal strength, and first/last-seen timestamps. The platform evaluates those observations against rules configured per location: minimum signal strength, proximity thresholds, dwell time, and device classification.

When rule conditions are met, a structured alert is published to connected security systems within one to three seconds. There is no polling and no REST round-trip — alert delivery is pure machine-to-machine messaging over encrypted MQTT, authenticated with mutual-TLS client certificates issued by iViu. A fully automated integration completes the entire detect → alert → resolve loop in under one second.

The alert lifecycle

1 · SENSE Passive collection Sensors observe nearby devices: identity, distance, signal strength, timestamps.
2 · DETECT Rule evaluation Signal, proximity, dwell, and classification rules are evaluated continuously per location.
3 · ALERT Publication JSON alert published to subscribers in 1–3 seconds, QoS-guaranteed delivery.
4 · RESPOND Partner resolution Security system responds: clear, authorize, flag bad actor, or register the event.
5 · CLOSE Auto-closure If the device physically leaves and no response arrives, the alert expires automatically.

Resolution message types

ResolutionEffect on the platform
clear_alertCloses the alert with a named operator action; no change to the device's future treatment.
authorize_deviceCloses the alert and marks the device as authorized — suppressing future alerts for that device at the location.
bad_actor_deviceCloses the alert and flags the device as a known bad actor, elevating future detections.
register_eventRecords a security event against the device without changing its classification.
alert_event_regCombined operation — closes the alert and registers the event in a single message.

Collective threat intelligence

Devices flagged as bad actors contribute to a collective threat intelligence network. A device flagged at one participating location can be recognized when it appears at another — turning isolated deployments into a shared early-warning system for organized retail crime, critical-infrastructure reconnaissance, and repeat offenders.

05 / Consumer Journey Analytics

Understand every visit —
without identifying anyone.

SECTION 05

The analytics side of the platform answers the questions physical businesses have always envied online retailers for: How many people came in? How many walked past? Are they new or returning? Where did they go, how long did they stay, and did they buy? Because de-randomization produces stable anonymous device identities, these measurements are accurate over time — repeat-visit and loyalty metrics actually work.

Analytics are computed continuously and delivered through the Foot Traffic Analytics dashboards, the partner portal, summary data feeds, and REST APIs. Every metric is available per location, per zone, per hour, and per day — with journey playback for individual anonymous visits.

Key performance indicators

CustomersQualified visitors — devices meeting per-location dwell and presence thresholds
New vs RepeatFirst-time or returning within the configurable look-back window (default 180 days)
Passers-ByDevices detected outside/near the location that never entered — capture-rate denominator
EmployeesStaff devices classified and excluded from visitor metrics automatically
Average DwellMean visit duration in minutes, by day and by zone
Sale ConversionsVisits that reached a point-of-sale zone with qualifying dwell
Abandoned SalesVisits that queued at point-of-sale but left without completing
Visit FrequencyAverage visits per unique device over the reporting period

Analytics views

Live Dashboard

  • Live KPI cards with real-time visitor counts
  • Daily visitor trend charting
  • Period summary comparison tables

Heatmap & Zones

  • Zone-by-zone visit volume with heat scoring
  • Peak-hour identification per zone
  • Per-zone dwell analytics by day

Journey Playback

  • Anonymous per-device position playback on the floor plan
  • Path, sequence, and dwell at each stop
  • Customer journeys only — staff and equipment filtered out

Visitor Analytics

  • New vs repeat stacked trends
  • Dwell-time trend analysis
  • Hourly traffic patterns by visitor type

Count Reports

  • Daily visitor type breakdown tables
  • Hourly traffic counts by classification
  • Exportable for BI ingestion

Data Feeds & APIs

  • Scheduled summary data feeds to cloud storage
  • REST APIs for KPIs, traffic, heatmap, and journeys
  • MQTT machine-to-machine integration for live events
06 / Privacy & Security

Anonymous by default.
Encrypted end-to-end.

SECTION 06

The platform measures devices, not people. No names, phone numbers, photos, payment data, or app accounts are ever collected — there is nothing to breach that could identify an individual. Device identifiers are anonymized and encrypted at the point of collection, and de-randomized identities remain purely statistical constructs used for counting and journey continuity.

Security follows the same discipline as the sensing: every transport in the platform is encrypted, every machine-to-machine connection is authenticated with mutual-TLS certificates, and every human-facing portal enforces token sessions with optional TOTP two-factor authentication and per-application authorization.

Privacy Commitments

  • No personally identifiable information collected — ever
  • Anonymized, encrypted device records at collection time
  • Public self-service opt-out portal for any device owner
  • Data retention windows configurable per deployment
  • Designed to support GDPR/CCPA-aligned deployments

Security Controls

  • Mutual-TLS certificate authentication for all M2M connections
  • Encrypted MQTT (port 8883) — no password-only broker access
  • Portal sessions with expiring tokens and TOTP 2FA
  • Per-user, per-application authorization in the partner portal
  • Automated backups with tested restore procedures
07 / Industry Use Cases

Twelve scenarios. One platform.

SECTION 07

The same sensors and pipeline serve radically different missions depending on the rules and analytics enabled. These twelve scenarios — each with a corresponding interactive simulation (Section 08) — span the security-to-analytics spectrum.

01 Construction Site After-hours intrusion detection across an open site. Unknown devices approaching equipment or materials trigger alerts; authorized crews' devices are recognized and suppressed. Security · Perimeter
02 Distribution Center Dock-and-yard visibility: track workflow movement through zones, detect unauthorized presence in restricted areas, and measure labor flow between picking, staging, and shipping. Security · Operations
03 Big-Box Retail Full-property intelligence: parking-lot capture rates, entrance conversion, storewide traffic KPIs, and ORC early warning via the collective bad-actor network. Analytics · Security
04 Big-Box Interior Department-level journey analytics: heatmaps by aisle, dwell by category, journey playback, queue abandonment at the front end, and staff-coverage measurement. Analytics · In-Store
05 Shopping Center Common-area and tenant analytics: cross-shopping patterns between anchors and inline stores, dwell in food courts, and property-wide visit frequency for leasing intelligence. Analytics · Multi-Tenant
06 Small Store Right-sized analytics for a single storefront: walk-by vs walk-in capture, new vs repeat customers, dwell, and conversion — installed with as few as two sensors. Analytics · SMB
07 Car Dealership Lot and showroom intelligence: after-hours lot security alerts, sales-floor engagement measurement, be-back (repeat visitor) recognition, and test-drive dwell analytics. Security · Analytics
08 Apartment Complex Community safety: detect loitering near entrances and amenity areas, recognize flagged devices, and give management visibility into common-area utilization. Security · Residential
09 Border Perimeter Wide-area perimeter surveillance: detect and track device movement across remote boundary segments, with real-time alerts to patrol systems over M2M messaging. SIGINT · Government
10 Cell Site Critical-infrastructure protection: unattended tower compounds monitored 24/7; any device breaching the proximity threshold raises an alert with dwell and distance context. SIGINT · Infrastructure
11 Store Interior · Bad Actor ORC response inside the store: a device previously flagged as a bad actor enters, is recognized within seconds, and loss-prevention is notified with a live position. SIGINT · Loss Prevention
12 Convenience Store Exterior loitering and forecourt intelligence: dwell alerts at pumps and entrances after configurable thresholds, plus capture-rate analytics for the store itself. Security · Analytics
08 / Use Case Simulations

See the platform work —
before a single sensor ships.

SECTION 08

The iViu use case simulations are interactive, browser-based recreations of live platform deployments. Each simulation renders a realistic site — a store, a cell tower compound, a border segment, a dealership lot — with iDTag sensors placed exactly as they would be in a real installation, and animated devices moving through the space the way real visitors, staff, vehicles, and intruders do.

As synthetic devices move, the simulation shows precisely what the platform would do at every moment: sensors detecting devices in range, positions resolving on the floor plan, classification decisions, KPI counters accumulating, and — in the security scenarios — proximity rules firing live alerts with dwell timers and distance readouts. It is the full sense → detect → alert → resolve lifecycle from Section 04, made visible.

What each simulation demonstrates

Sensor Coverage

  • Real sensor placement geometry for the site type
  • Detection range and overlap visualization
  • How few sensors a deployment actually needs

Live Detection

  • Devices appearing, moving, and dwelling in real time
  • Visitor vs staff vs vehicle classification
  • Position tracking at sub-meter accuracy

Alerts & KPIs

  • Proximity and dwell rules firing as thresholds are crossed
  • Bad-actor recognition and re-identification
  • Traffic and conversion KPIs accumulating live

The twelve simulations

All twelve industry scenarios from Section 07 are available as simulations at iviuinsights.com/simulations.html — Construction Site, Distribution Center, Big-Box Retail, Big-Box Interior, Shopping Center, Small Store, Car Dealership, Apartment Complex, Border Perimeter, Cell Site, Store Interior · Bad Actor, and Convenience Store. Each runs directly in the browser; no installation is required.

Access: Simulations are access-code protected. Codes are provided to customers, partners, and qualified prospects — contact sales@iviutech.com to request access. Once unlocked, all twelve simulations are available for the duration of your browser session.

09 / Deployment & Integration

From site survey to live intelligence.

SECTION 09

Deployment path

STEP 1 Plan iViu engineers review your floor plan or site map and model sensor placement for the coverage and accuracy your use case requires — typically far fewer sensors than camera or beacon systems.
STEP 2 Install Sensors are plug-in devices: mount, power, and connect to the network. Sensors self-register, time-sync, pull their configuration, and begin reporting automatically.
STEP 3 Configure Zones, thresholds, classification rules, and alert policies are configured per location in the platform — and tuned remotely at any time without touching the hardware.
STEP 4 Operate Dashboards, alerts, and data feeds go live. Automated health monitoring, OTA firmware updates, and backups keep the deployment healthy without on-site maintenance.

Integration surfaces

Real-Time Alerts (M2M)Subscribe to structured JSON alerts over encrypted MQTT; publish resolutions back to close the loop — sub-second automated response cycles
Master Data (M2M)Manage customer, location, and sensor configuration records programmatically over the same authenticated MQTT channel
REST APIsKPIs, traffic trends, heatmaps, journeys, live counts, and count reports for BI and application integration
Summary Data FeedsScheduled aggregated exports delivered to cloud storage for warehouse ingestion
Web PortalsPartner portal with per-user application authorization: analytics, plotting, SIGINT operations, data transfer, and administration
SandboxFull sandbox broker and test environment provisioned for partner integration development

Ready to see it on your site? Contact sales@iviutech.com for a deployment consultation, an evaluation unit, or simulation access — or reach the team via the contact form at iviuinsights.com.

10 / Product Specifications

iDTag™ sensor — hardware at a glance.

SECTION 10

The iDTag™ is a compact, industrial-grade RF sensor engineered for continuous unattended operation. The specifications below summarize the production hardware; the complete datasheet is published at iviuinsights.com/spec-sheet.html.

Physical & environmental

Dimensions / Weight101 × 64 × 18 mm · ~142 g
Operating Temperature−40°C to +85°C — industrial rating for outdoor, warehouse, and utility environments
Power InputPoE (RJ45, 48V 802.3af) or USB-C 3.5V; JST-PH battery backup adaptor; daisy-chain topology supported
Power Consumption≤1.0 W typical on PoE · ≤0.85 W typical on USB-C · 0.825 W worst case · 5 µA deep sleep (~16.5 µW) with auto sleep/wake
AntennaExternal, 1–9 dBm (whip +2 dBm)
FirmwareEncrypted over-the-air (OTA) updates; each unit carries a unique factory MAC identity

Radio

Standards802.11 b/g/n/ac promiscuous-mode scanning · DSSS / OFDM / VHT modulation
Frequency Coverage2.412–2.484 GHz and 5.150–5.850 GHz (channels 36–165)
Receive Sensitivity−97 dBm (2.4 GHz) · −90 dBm (5 GHz)
Transmit Power−12 to +9 dBm, software controlled
Data Rates1–11 Mbps (b) · 6–54 Mbps (g) · up to 433 Mbps (ac)
SecurityWEP-128 · WPA-PSK · WPA2-PSK · WPA3-SAE

Detection capabilities

Device IdentityProprietary RF fingerprinting produces a stable unique device ID resilient to MAC address randomization
Signal Range1–50 m per sensor; site coverage typically 1,200 ft diameter (1,500+ ft in open rural space)
Positioning AccuracyUnder 1 m achievable; 1–8 m typical depending on sensor density and environment
Analytics OutputsNew / return sighting, visit frequency & recency, X/Y coordinates, dwell time, aggregate and real-time feeds
Broadcast Rate>150 observations per second per sensor
NetworkingTCP / UDP / DHCP / DNS / ICMP / ARP; HTTP and FTP client

Compliance & connectivity

CertificationsUL Certified · FCC (US)
PrivacyGDPR · CCPA · No PII collected — anonymization is architectural, not procedural
Transport SecurityMQTT over encrypted independent uplink · Azure IoT Hub · mutual TLS (mTLS)
GatewaysUbiquiti, Cradlepoint, AT&T SmartHub, or off-the-shelf cellular gateways
Network IsolationIndependent uplink — no connection to the facility network is required
11 / Technical Q&A

The questions every evaluation team asks.

SECTION 11

Detection & identification

What RF spectrum does the platform monitor, and how are false signals filtered out?

The platform uses the 2.4 GHz band and extends coverage across the full Wi-Fi RF spectrum to trigger alerts. Sensors capture samples, and heuristics based on range, time-seen, sample count, time-of-arrival, and other features vet every sample before it is recorded as a RAW event. That vetting filters out multipath, reflections, and amplified or interfering signals — so only validated RF emissions progress to alert logic.

Where does the unique device ID (UDID) come from? Can it be cloned or spoofed?

UDIDs originate from the radio emissions of nearby Wi-Fi devices. The platform derives a proprietary unique device ID from the device's emitted information elements — roughly 227 possible radio-level data elements including manufacturer and vendor fields and probe/management frame characteristics.

Because the UDID is computed from low-level radio characteristics rather than broadcast OS or app identifiers, it cannot be cloned or spoofed by copying an advertised name or leaving a device behind. The UDID is based on the radio hardware signature — not an app or OS-provided ID.

How accurate is positioning, and what determines that accuracy?

Proximity estimation and positioning depend on sensor density and geometry — three or more sensors provide the best accuracy, and inter-sensor spacing directly affects positioning quality. All positioning is RSSI-based at the core, but raw samples are processed with heuristic modeling similar to concepts used in UWB systems: time-of-arrival patterns, historical position models for each transmitter, and trilateration across as many data points as available, selecting the modal or most consistent result.

Accuracy is environment-dependent. Sites go through a burn-in period so the heuristic model can learn site-specific patterns and compensate for obstacles such as metal containers, scaffolding, or structural steel. Additional sensors may be added to meet tighter accuracy requirements.

What is the practical detection range?

Documented practical detection coverage is 1,200 ft in diameter — extending to over 1,500 ft in rural open space — with positioning accuracy generally within 3 ft, depending on sensor density.

Masking & access rules

How are known and authorized devices masked so they don't generate alerts?

Masking uses a combination of methods: whitelisting and authorized-device designations, virtual zones (fences), sample-count thresholds, RSSI (distance) filters, dwell-time rules, and other site- or customer-specific parameters. Templates for common site types are available out of the box.

Can rules differ by site or by role?

Yes. Masking and authorization rules can be site-specific and role-specific — a security guard, subcontractor, general contractor, and delivery driver can each be handled as a different class of personnel and device. Sites can also carry open-hours rules and other site-specific policies, which substantially reduces false alarms across all deployments.

12 / Privacy Policy

No names. No emails. No phone numbers. No PII. Ever.

SECTION 12

iViu was built from the ground up on a single principle: location intelligence should never require collecting personal information. Sensors detect and analyze RF signal emissions from wireless devices in the environment — no user action, app installation, or account registration is required or possible. This section summarizes the full Privacy Policy published at iviuinsights.com/privacy-policy.html (effective January 1, 2024 · revised May 2026 · GDPR & CCPA aligned).

What the sensor platform collects

Data elementDescriptionStored?
Hashed Device IDOne-way cryptographic hash derived from the device's RF characteristics — cannot be reversed to identify the device or its ownerYes
Signal StrengthRSSI, used solely for positioning calculationsYes
Frequency / ChannelRF channel on which the signal was observedYes
TimestampDate and time of detection, for dwell-time and flow analyticsYes
Sensor ID / ZoneWhich iDTag™ detected the signal, mapped to a venue zoneYes
Raw MAC AddressDiscarded immediately upon receipt — never written to storageNever

What is never collected — by architecture

Architecturally impossible

  • Names, usernames, email addresses, phone numbers
  • Home addresses and government-issued ID numbers
  • Financial account or payment card information
  • Biometric, health, or demographic data
  • Device contents — messages, calls, browsing, app data
  • Location history outside the venue where sensors are deployed

How data is used — and never used

  • Indoor positioning and aggregated foot-traffic analytics
  • SIGINT security functions in critical-infrastructure deployments
  • Internal calibration using de-identified aggregate datasets
  • Never used for ad targeting or individual behavioral profiling
  • Never resold to data brokers
  • Never applied beyond the service contracted by the deploying partner

Retention & rights

Raw Signal Observations90 days — rolling analytics window, purged on cycle
Aggregated Reports13 months rolling — year-over-year comparison, no individual device linkage
SIGINT Event LogsPer customer contract, typically 12–36 months, to support security investigations
Opt-Out RecordsRetained indefinitely so opt-out requests are honored permanently
Your RightsGDPR and CCPA rights supported, including opt-out; requests via support@iviutech.com

The sensor platform detects presence and movement in a physical space. It does not know — and has no mechanism to learn — who you are. This is an architectural guarantee, not a policy preference.