KeyOnTheGo is a mobile key assignment workflow in portier®VISION that allows keys to be assigned to a person and digitally confirmed via a mobile app using a QR code and signature.
In portier®VISION, a key is assigned to a specific person (key holder). The assignment is created by an administrator in the system.
After the key assignment is created, portier®VISION 5 generates a QR code for that specific assignment.
The key holder opens the Portier mobile app and scans the QR code.
Typically, this happens immediately after the administrator creates the assignment.
Online (internet mode):
The mobile app connects to the Portier cloud via the internet.
Local mode:
The mobile device must be on the same local network as the portier system. No internet connection is required.
Before signing, the app displays:
Name
Staff ID
Key number
This ensures the key holder can clearly see and confirm what they are signing for.
The key holder signs directly on the mobile phone within the Portier app.
The signature is stored temporarily in the Portier cloud so it can be retrieved by the client system.
An internal client (for example, portier®VISION or a VCA / Citrix client) actively retrieves the signature from the cloud.
The signature is:
Retrieved by portier®VISION using authenticated access
Passed to the local KeyOnTheGo service
Stored permanently within the local portier system
All temporary KeyOnTheGo data stored in the cloud is hosted on the German Microsoft Azure Cloud, operated by portier Global.
The data remains exclusively within Germany.
The Portier cloud acts as a temporary intermediary only.
It is not used as permanent storage.
The following data is stored temporarily:
Name
Staff ID
Key number(s)
The maximum retention period in the cloud is one month.
After retrieval, permanent storage takes place only in the customer’s local portier system.
Yes. The KeyOnTheGo process is designed to comply with GDPR requirements:
Cloud hosting is located in Germany (EU jurisdiction)
Only the minimum necessary personal data is processed
Data storage in the cloud is time-limited (maximum one month)
Permanent storage occurs locally, under customer control
Access to cloud data is restricted and authenticated
No personal data is embedded in the QR code itself
This supports GDPR principles such as data minimization, purpose limitation, and limited retention.
A QR code is valid for up to one month.
It can technically be scanned multiple times, but it is used only once by portier®VISION. Any later updates to the assignment do not affect the original QR code.
No.
The QR code contains only a reference with a token, not personal data.
Only portier®VISION is allowed to retrieve the signature.
Access is secured via authenticated requests.
Cloud communication: HTTPS
Local network communication: HTTP
Authentication is performed using a combination of request ID and token embedded in the QR code.
Only devices that:
Scan a valid QR code
Use the official Portier mobile app
are able to submit signatures.
Each request is validated using a strong request ID and token combination
Foreign or invalid data is automatically rejected
Any unexpected signature can be reviewed and validated manually by a human
