Encryption & Export Compliance
Document version 2.1 · Last updated April 26, 2026
Classification: All apps published by And Beyond Apps, LLC. under the BogeyHunter umbrella use only standard, publicly available encryption. Each iOS app qualifies as Exempt under U.S. Export Administration Regulations (EAR) §740.17(b).
Scope: Sections 2–4 below describe the BogeyHunter coaching platform (iOS mobile app + Windows desktop). Section 5 below describes BogeyHunter — The Tracker, a separate scorecard / KPI / tee-time app with its own crypto profile. Sections 6 (what we don’t use) and 7 (contact) apply to both.
1. Overview
And Beyond Apps, LLC. publishes the BogeyHunter family of apps. The coaching platform (Coach Mulligan’s iOS mobile app and Windows desktop) and BogeyHunter — The Tracker (a separate scorecard, KPI, and tee-time app) are distinct products with their own crypto profiles, but all share a strict local-first design: AI inference, swing analysis, scoring, and coaching conversations run entirely on the user’s device. None of these apps transmit user data to servers operated by And Beyond Apps.
Each app uses encryption in narrow, well-defined contexts. None implements proprietary or non-standard cryptographic algorithms.
2. Encryption Usage Summary
| Purpose | Algorithm | Mobile (iOS) | Desktop (Windows) |
|---|---|---|---|
| Network transport | TLS 1.2/1.3 | Apple URLSession (system) | System HTTPS (course data API only) |
| AI model file encryption | AES-256-CBC | Apple CommonCrypto | Python cryptography library |
| Secrets management | age (X25519 + ChaCha20-Poly1305) | N/A | SOPS + age for configuration secrets |
| Authentication tokens | HMAC-SHA256 (JWT) | N/A | Local-only JWT for multi-golfer session management |
3. Mobile Platform (iOS)
The following sections detail encryption usage specific to the iOS mobile app, as required for Apple App Store export compliance.
3.1 Network Transport Security (HTTPS)
The mobile app makes limited HTTPS network requests for one purpose:
- Golf course data retrieval — querying a third-party API for course layout information (hole yardage, par, hazards) when using on-course mode.
- Framework: Apple's URLSession with default configuration
- Protocol: TLS 1.2 and TLS 1.3 as negotiated by iOS
- Certificate validation: Default Apple TLS certificate chain validation (system trust store)
- App Transport Security (ATS): Default enforcement — no exceptions configured in Info.plist
- Certificate pinning: Not implemented (relies on system validation)
- Custom TLS configuration: None
This qualifies as standard use of operating system-provided HTTPS, exempt under EAR §740.17(b)(1).
3.2 Local Model File Encryption (AES-256-CBC)
The mobile app bundles a machine learning model file (GGUF format) that is encrypted at rest within the app bundle. The model is decrypted on-device when needed for AI inference. No decrypted model data is transmitted off-device.
| Parameter | Value |
|---|---|
| Algorithm | AES-256 in CBC mode |
| Padding | PKCS7 |
| Key derivation | PBKDF2 with SHA-256, 10,000 iterations |
| Salt | 16 random bytes (per-file, stored in file header) |
| Initialization vector | 16 random bytes (per-file, stored in file header) |
| Library | Apple CommonCrypto (standard iOS framework) |
| File format | [16-byte salt][16-byte IV][encrypted data] |
| Decryption method | Streaming (1 MB chunks) to temporary directory |
| Temporary file | Deleted after model is loaded into memory |
Encryption protects the proprietary fine-tuned model weights from extraction. The encrypted file is bundled at build time and only decrypted locally for inference. No key exchange, key escrow, or network-based decryption is involved.
This qualifies as local-only storage encryption exempt under EAR §740.17(b)(3).
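The file layout and parameters in the table above, as an added example rather than the apps' own code: a build-time encryptor that writes the [salt][IV][ciphertext] layout and a runtime decryptor that streams it back in 1 MB chunks. It uses the Python cryptography library the page names for the desktop; the passphrase, function names and the sample model bytes are assumptions.

```python
"""Added example: the page's model-file layout, [16-byte salt][16-byte IV][AES-256-CBC ciphertext].
Key = PBKDF2-HMAC-SHA256(passphrase, salt, 10,000 iterations, 32 bytes); PKCS7 padding.
Requires the third-party `cryptography` package (the library the page names for the desktop)."""
import io
import os
from hashlib import pbkdf2_hmac
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

SALT_LEN, IV_LEN = 16, 16
PBKDF2_ITERATIONS = 10_000   # from the page's parameter table
CHUNK = 1024 * 1024          # 1 MB streaming chunks, as the page describes

def derive_key(passphrase: bytes, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 -> 32-byte AES-256 key; the per-file salt gives each file its own key."""
    return pbkdf2_hmac("sha256", passphrase, salt, PBKDF2_ITERATIONS, dklen=32)

def encrypt_model(plaintext: bytes, passphrase: bytes) -> bytes:
    """Build-time step: fresh random salt and IV are prepended as the 32-byte header."""
    salt, iv = os.urandom(SALT_LEN), os.urandom(IV_LEN)
    enc = Cipher(algorithms.AES(derive_key(passphrase, salt)), modes.CBC(iv)).encryptor()
    padder = padding.PKCS7(128).padder()
    return salt + iv + enc.update(padder.update(plaintext) + padder.finalize()) + enc.finalize()

def decrypt_model_stream(src, dst, passphrase: bytes) -> int:
    """Runtime step: parse the header, then decrypt src into dst in chunks. Returns bytes written."""
    header = src.read(SALT_LEN + IV_LEN)
    if len(header) != SALT_LEN + IV_LEN:
        raise ValueError("truncated header")
    salt, iv = header[:SALT_LEN], header[SALT_LEN:]
    dec = Cipher(algorithms.AES(derive_key(passphrase, salt)), modes.CBC(iv)).decryptor()
    unpadder = padding.PKCS7(128).unpadder()
    written = 0
    while chunk := src.read(CHUNK):
        out = unpadder.update(dec.update(chunk))
        dst.write(out)
        written += len(out)
    # CBC has no integrity tag: a wrong key or corrupted file surfaces only here, as a padding ValueError
    tail = unpadder.update(dec.finalize()) + unpadder.finalize()
    dst.write(tail)
    return written + len(tail)

def roundtrip(plaintext: bytes, passphrase: bytes) -> bytes:
    """Encrypt then stream-decrypt via in-memory buffers; constructed input for the test below."""
    out = io.BytesIO()
    decrypt_model_stream(io.BytesIO(encrypt_model(plaintext, passphrase)), out, passphrase)
    return out.getvalue()
```

Because CBC with PKCS7 carries no authenticity check, a wrong key or a corrupted file is noticed only if the final padding check fails, and a tampered ciphertext that happens to unpad cleanly is not detected; an AEAD mode or a separate MAC over the ciphertext would close that gap.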
3.3 Mobile Data Storage (Non-Encrypted by App)
The following data is stored locally using standard iOS storage mechanisms. The app does not apply its own encryption to this data; protection is provided by iOS file-level encryption (Data Protection), which is active when the device is locked.
- Golfer profile (name, handicap, equipment) — UserDefaults
- Club bag configuration — UserDefaults
- Round history and swing sessions — JSON files in app Documents directory
3.4 App Store Export Compliance
App Store Connect responses:
Q: Does your app use encryption?
Yes.
Q: Does your app qualify for any exemptions?
Yes. The app uses only standard HTTPS (operating system TLS) and AES-256-CBC for local storage of bundled files. Both qualify as exempt under EAR §740.17(b).
Q: Does your app implement or access any non-exempt encryption?
No.
| Regulation | Provision | Applies To |
|---|---|---|
| EAR §740.17(b)(1) | Publicly available encryption software | HTTPS / TLS via Apple URLSession |
| EAR §740.17(b)(3) | Information security — local storage encryption | AES-256-CBC for local model file |
4. Desktop Platform (Windows)
The desktop platform runs entirely locally on the user's Windows PC. All services communicate over localhost only — no data is exposed to the network.
4.1 AI Model Encryption
The desktop platform encrypts proprietary model weights at rest using the same AES-256-CBC scheme as the mobile app. Encrypted model files are decrypted into memory at launch and the decrypted files are not persisted to disk.
4.2 Secrets Management
Configuration secrets (API keys, service tokens) are encrypted using SOPS + age (X25519 key exchange + ChaCha20-Poly1305 symmetric encryption). Encrypted secrets are stored in the repository; decryption happens locally at startup using a key stored on the user's machine. No secrets are transmitted over the network.
4.3 Authentication
The desktop platform uses JWT tokens (HMAC-SHA256) for local multi-golfer session management. Tokens are issued and validated entirely on localhost — no external authentication servers are involved. Tokens are stored as httpOnly cookies scoped to 127.0.0.1.
4.4 Network
All desktop services bind to 127.0.0.1 (localhost only). No ports are exposed to the local network or internet. The only outbound HTTPS request is an optional golf course data API query, using system-provided TLS.
4.5 Desktop Data Storage
User data (golfer profiles, swing metrics, coaching history, session videos) is stored locally in the application's data directory. The application relies on Windows filesystem permissions for access control. No application-level encryption is applied to user data files.
5. BogeyHunter — The Tracker (separate app)
Scope: The encryption profile in Sections 5.1–5.7 below applies to BogeyHunter — The Tracker, a separate product from And Beyond Apps, LLC. The Tracker is a golf scorecard, KPI dashboard, and tee-time hunter (a cadence-bounded aggregator of public tee-sheet availability that deep-links to the course’s own booking site). It does not log in to booking sites, does not store booking-site passwords, does not capture swing video, and does not bundle the proprietary fine-tuned coaching model described in Section 3 above. It is published by the same company under the BogeyHunter umbrella.
Classification: The Tracker uses only standard, publicly available encryption across both desktop and iOS surfaces and qualifies as Exempt under U.S. Export Administration Regulations (EAR) §740.17(b).
5.1 Tracker Encryption Usage Summary
| Purpose | Algorithm | Desktop | iPhone |
|---|---|---|---|
| Network transport (HTTPS) | TLS 1.2 / 1.3 | System TLS — Tee Time Hunter reads of public tee-sheet pages, APNs requests, course catalog | Apple URLSession default — not used in normal operation |
| Round / scorecard data at rest | SQLCipher (AES-256) | Encrypts the SQLite transactional store on disk | iOS Data Protection (system-managed) |
| LAN sync authentication | HMAC-SHA256 | Signs sync messages with the shared pairing secret | Verifies / signs sync messages with the same shared secret |
| QR pairing | One-time random shared secret | Generates and displays the static pairing QR | Reads the QR and pins the shared secret locally |
| APNs request signing | JWT (ES256) | Signs APNs requests with your APNs auth key | N/A — receives push notifications |
5.2 Network Transport (HTTPS)
The desktop makes outbound HTTPS requests in three contexts:
- Tee Time Hunter reads — scheduled GETs of the public tee-sheet pages of the courses you choose to watch. System TLS, no custom configuration, no certificate pinning, no proprietary protocol. No login is performed and no booking-site credentials are transmitted.
- Apple Push Notification service — JWT-signed APNs requests sent from your desktop to Apple to update read-only Live Activities on your paired iPhone with new-slot summaries.
- Course catalog — one-time or on-demand HTTPS download of OpenStreetMap-sourced course data.
The iPhone companion does not make outbound HTTPS requests in normal operation. All sync with the desktop runs over the local network.
5.3 No Credentials Vault
The Tracker does not maintain a credentials vault and does not store passwords for any third-party booking site. The Tee Time Hunter reads public tee-sheet pages and surfaces availability; bookings are completed by the user on the course’s own site. Earlier internal builds shipped a master-password-unlocked credentials vault; that vault and its master-password flow have been removed and no equivalent ships in the public release.
5.4 Round Data at Rest
Round data is stored in a local database. The transactional store uses SQLCipher, an AES-256 encrypted SQLite variant, applied at the database layer.
On iPhone, round data is stored in the app sandbox and protected by iOS file-level encryption (Data Protection), which is active whenever the device is locked.
5.5 LAN Sync (Bonjour + HMAC)
iPhone ↔ desktop sync runs entirely on the local network:
- Discovery: Bonjour / mDNS — the desktop advertises a service name; the iPhone discovers it on the same Wi-Fi.
- Pairing: a one-time static QR transfers a shared random secret. ~3 seconds, no key escrow, no cloud round-trip.
- Message authentication: sync messages are signed with HMAC-SHA256 using the shared pairing secret. Both ends verify before applying.
- Conflict policy: desktop is the source of truth on conflict.
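The sign-and-verify-before-apply steps of the sync protocol above, as an added example and not the Tracker's own code: a desktop-generated pairing secret of the kind the QR would carry, a canonical-JSON envelope carrying an HMAC-SHA256 tag, and constant-time verification on the receiving end. The envelope shape, field names and sample scorecard payload are assumptions.

```python
"""Added example: HMAC-SHA256 authentication of LAN sync messages with a QR-delivered pairing secret."""
import hashlib
import hmac
import json
import secrets
from typing import Optional

def new_pairing_secret() -> bytes:
    """One-time random shared secret; in the page's flow the desktop encodes this in the pairing QR."""
    return secrets.token_bytes(32)

def sign_sync_message(secret: bytes, payload: dict) -> dict:
    """Sender side: canonical JSON (sorted keys, no whitespace) so both ends MAC identical bytes."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(secret, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "mac": tag}   # envelope shape is an assumption

def verify_sync_message(secret: bytes, envelope: dict) -> Optional[dict]:
    """Receiver side: return the payload only if the MAC verifies; None means 'do not apply'."""
    body = envelope.get("body", "").encode()
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest()
    # compare_digest is constant-time, so tag comparison leaks nothing about the expected value
    if not hmac.compare_digest(expected, envelope.get("mac", "")):
        return None
    return json.loads(body)
```

HMAC binds a message to the pairing secret but not to a point in time; a receiver that must also reject replayed messages would include a monotonic counter or nonce in the signed body and track it.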
5.6 Push Notifications (APNs)
The desktop’s Tee Time Hunter sends read-only Live Activity updates to your iPhone via Apple’s Push Notification service. Each request is a JWT-signed (ES256) HTTPS POST to Apple, using your APNs auth key (stored locally on the desktop). The push payload contains slot-availability summaries and Live Activity tokens — no scoring data, no personal information, no booking-site credentials. Pushes originate from your own paired desktop, not from a third-party relay.
5.7 The Tracker — App Store Export Compliance
App Store Connect responses (BogeyHunter — The Tracker):
Q: Does your app use encryption?
Yes.
Q: Does your app qualify for any exemptions in EAR §740.17(b)(3)?
Yes. The app uses encryption only for authenticating peer connections (HMAC-SHA256 over LAN), protecting user data at rest (iOS Data Protection on the device; SQLCipher on the desktop), and standard system HTTPS via Apple URLSession. All algorithms are publicly available standards.
Q: Does your app implement encryption algorithms that are proprietary or non-standard?
No. The Tracker uses AES-256 (via SQLCipher), HMAC-SHA256, ES256 (for JWT/APNs), and standard TLS — all standard, no custom or proprietary cryptography.
Info.plist entry: ITSAppUsesNonExemptEncryption = false. This avoids the per-build export compliance form. Justification: only standard encryption APIs for protecting user data at rest and authenticating peer connections, which is fully within the §740.17(b)(3) exemption.
| Regulation | Provision | Applies To |
|---|---|---|
| EAR §740.17(b)(1) | Publicly available encryption software | HTTPS / TLS via Apple URLSession; system TLS on desktop |
| EAR §740.17(b)(3) | Information security — local storage encryption | iOS Data Protection; SQLCipher (AES-256) on desktop |
| EAR §740.17(b)(3) | Information security — authentication | HMAC-SHA256 LAN sync authentication; ES256 JWT for APNs |
6. What BogeyHunter Does NOT Use (All Apps)
- No proprietary or custom cryptographic algorithms
- No end-to-end encrypted messaging or communication
- No VPN, proxy, or tunnel functionality
- No encrypted network protocols beyond standard HTTPS
- No interactive key-exchange protocols (Diffie-Hellman, ECDH) over the network — The Tracker’s pairing uses a one-time out-of-band QR transfer of a shared HMAC secret on the local network only
- No user-facing encryption features
- No cloud-based key management or key escrow
7. Contact
For questions regarding this encryption documentation:
And Beyond Apps, LLC.
Las Vegas, Nevada
mulligan@bogeyhunter.ai