The Technology Stack

SecureMFP technology stack and patented architecture.

SecureMFP runs on Secure Digital Transport, a patented document transfer architecture protected by seven granted patents across six jurisdictions. The stack is brand-agnostic across every major multifunction printer manufacturer, deploys in five minutes per device, and produces the per-document audit log every compliance framework expects to find on the scan-to-email path.

Stack overview

The SecureMFP technology stack at a glance

The SecureMFP stack is a stateless gateway that sits between the multifunction printer fleet and the institution's mail relay, file shares, and line-of-business systems. The scan-to-email job, the scan-to-folder job, and the fax-to-email job route through the gateway rather than through plaintext SMTP, plaintext SMB, or plaintext fax-over-IP. The encrypted-transport channel is governed by mutual authentication on both ends of the transmission. The recipient retrieves the document through an authenticated session, not a mailbox copy that persists in archive. SMTP, SMB, LDAP, and fax credentials migrate from individual devices to the centrally managed gateway so configuration backups stop exposing them. Per-document audit logs replace the fragmented event records that fleet management consoles produce today across the installed base. The deployment is five minutes per device and does not require firmware change on any multifunction printer brand in production today.

The engine

The Secure Digital Transport engine underneath

Secure Digital Transport, abbreviated SDT, is the patented document transfer architecture underneath every application Botdoc ships. SDT moves files from sender to recipient without requiring the recipient to log in, create an account, or join a portal. The transport is end-to-end encrypted, stateless at the transit layer, and produces an in-line per-document audit chain at the moment of transmission. Three architectural elements distinguish SDT from secure email, portal-based file sharing, and managed file transfer products on the market today. First, stateless transfer at the transit layer with no persistent server-side copy of the file. Second, no-recipient-login transport where the recipient receives a file without creating an account or password. Third, in-line per-document audit chain where chain-of-custody evidence is generated as the transport occurs rather than reconstructed later from logs. SecureMFP inherits every one of those properties because it runs on the same engine.

The patent estate

The patent portfolio that protects the architecture

Seven granted patents across six jurisdictions protect the SDT architecture. United States 10,469,463 granted November 2019 and 10,999,259 granted May 2021. Japan 6978498 granted November 2021. Australia 2017338913 granted April 2022. India 535215 granted April 2024. European Patent 3510745 granted July 2025, providing coverage across European Patent Convention member states including the United Kingdom, Germany, France, Italy, Spain, and the Netherlands. Canada 3,038,119 granted in 2025 following the June 30, 2025 Notice of Allowance. The estate spans the six largest English-language and OECD markets where regulated buyers conduct supply-chain risk review. The technology patents page documents every patent number, grant date, and the claim mapping that protects the stateless-transfer, no-recipient-login, and in-line-audit-chain elements of the architecture.

Read the technology patents page

Patent numbers, grant dates, jurisdictional coverage, and the claim mapping to SecureMFP. Used during vendor due diligence and supply-chain risk review.

Read the patents page →

Comparison surface

How the technology differs from print management and document capture

The SecureMFP stack is not a print management platform and not a document capture platform. Print management platforms like PaperCut and uniFLOW Online govern the print path: secure pull print, follow-me printing, badge release at the device. Document capture platforms like Kofax and Tungsten Automation route scanned documents into downstream applications like ECM, ERP, and line-of-business systems. SecureMFP encrypts the transmission step between the printer and the recipient or downstream system. The three categories address different problems and can coexist in the same fleet.

StackWhat it governs
Print managementThe print path: pull print, follow-me, badge release, hard-drive sanitization on lease return.
Document captureThe downstream route: OCR, indexing, delivery into ECM, ERP, and line-of-business systems.
SecureMFPThe scan-to-email transmission itself: encryption, audit log, credential consolidation.
Brand-agnostic deployment

Why the architecture is brand-agnostic across the MFP installed base

The SecureMFP gateway sits between the multifunction printer and the institution's mail relay or file share. The printer continues to use its native SMTP, SMB, LDAP, and fax protocols. The gateway terminates those protocols, encrypts the transmission, and routes the document through Secure Digital Transport. Every major copier brand uses the same standards-based protocols, so the gateway works with HP, Xerox, Ricoh, Konica Minolta, Canon, Lexmark, Sharp, Kyocera, Brother, and Toshiba devices in the same deployment. The copier lease and managed-print services contract are unchanged. No firmware update on any device. A typical regional fleet rollout runs two to four weeks.

See the head-to-head comparison

SecureMFP against PaperCut Hive, uniFLOW Online, and Kofax / Tungsten Automation across the four-column capability table buyers use during procurement evaluation.

Read the comparison →

FAQ, the engine and brand coverage

What the SDT engine is and which devices it covers

What the underlying engine does, and whether the gateway works with the existing copier fleet.

What is the Secure Digital Transport engine?

Secure Digital Transport, abbreviated SDT, is the patented document transfer architecture underneath SecureMFP. It moves files from sender to recipient without requiring the recipient to log in, create an account, or join a portal. The transport is end-to-end encrypted, stateless at the transit layer, and produces an in-line per-document audit chain. SecureMFP is the application built on the engine for multifunction printer scan-to-email.

Is SecureMFP brand-agnostic across copier manufacturers?

Yes. SecureMFP sits between the multifunction printer and the institution's mail relay. It is brand-agnostic across HP, Xerox, Ricoh, Konica Minolta, Canon, Lexmark, Sharp, Kyocera, Brother, and Toshiba. The institution's copier lease, managed-print services contract, and fleet are unchanged. Deployment is five minutes per device with no firmware change required.

FAQ, category boundaries

How SecureMFP relates to print management and capture stacks

How SecureMFP differs from the print management contract already in place, and from the capture platform routing scans.

How does the SecureMFP stack differ from print management?

Print management platforms like PaperCut and uniFLOW Online govern the print path: secure pull print, follow-me printing, hard-drive sanitization, badge release. The scan-to-email path is a different code path in the device. SecureMFP encrypts the scan-to-email path, not the print queue. The two systems coexist; one does not replace the other.

How does the SecureMFP stack differ from document capture?

Document capture platforms like Kofax and Tungsten Automation route scanned documents into downstream applications: ECM, ERP, line-of-business systems. SecureMFP encrypts the transmission between the multifunction printer and the recipient. The two address different problems. Capture systems can be wired into the encrypted output channel SecureMFP produces, so an institution does not have to choose.

FAQ, patents and procurement

Which patents protect SDT and why the estate matters

The final two questions cover the patent estate that protects the architecture and the role the estate plays during vendor due diligence and supply-chain risk review.

What patents protect the SDT architecture?

Seven granted patents across six jurisdictions. United States 10,469,463 and 10,999,259. Japan 6978498. Australia 2017338913. India 535215. European Patent 3510745 providing coverage across European Patent Convention member states including the United Kingdom. Canada 3,038,119 following the June 30, 2025 Notice of Allowance. The patent portfolio is documented on the technology patents page.

Why does the patent estate matter to regulated buyers?

Two reasons. First, defensibility during vendor due diligence and supply-chain risk review. Patents document the architecture is the firm's own and not a wrapper around a third-party library. Second, the patent estate is defensively complete across the six largest English-language and OECD markets, mitigating vendor-exit concerns that arise with single-supplier proprietary architectures.

Talk to a specialist

Talk to a SecureMFP specialist about the architecture and deployment

A SecureMFP specialist will walk through the architecture, the patent estate, the brand coverage across your specific fleet, and the rollout plan. Thirty minutes is the standard slot. The walkthrough covers the Secure Digital Transport engine, the per-document audit log format, the gateway placement between the multifunction printer fleet and the mail relay, and the supply-chain risk review materials your information security and procurement teams want to register. Forward-thinking institutions are closing the scan-to-email gap before the next audit cites it. The standard rollout is two to four weeks for a typical regional fleet across HP, Xerox, Ricoh, Konica Minolta, Canon, and the other major copier brands.