✓ Keyboard-edge protection Encrypt before send · Chrome & Edge · Zero-knowledge cloud

Keyboard-edge protection

Secrets never leave your keyboard in plaintext

Veil sits where you type — encrypting API keys, credentials, and PII in Gmail, Outlook, and AI chat before they reach mail servers or LLM pipelines. Send as normal with [redacted]. Unlock in-thread or via a hosted link.

Encrypt locally Zero-knowledge — plaintext stays in your browser.
Copilot guides you See what matched before you secure or mask.
Share on your terms Free one-time codes, Plus direct share, or Team policy.

Why keyboard-edge beats downstream DLP

Before the pipeline

Purview, Nightfall, and Strac need your data in flight. Veil encrypts at the keyboard — secrets never reach mail servers or LLM APIs in plaintext.

Send as normal

[redacted] and [veil:vt_…] look like ordinary email. Recipients click to unlock in-thread — or use the hosted unlock page with no install.

Proof, not policy theater

Copilot shows what matched (e.g. sk-…x4K9) before you act. Weekly stats, SIEM metadata, and admin dashboards — without reading message content.

How Veil fits your day

Paste or highlight

Veil copilot catches secrets in compose, forms, and AI chat — quietly on signup pages.

Secure or mask

One click replaces sensitive text with [redacted] or a team token inline.

Send as normal

Email and forms look ordinary. Recipients unlock in place with Veil or your hosted link.

Teams stay in control

Policy packs, SIEM export, and admin console — without reading message content.

Built for global teams

Veil is listed in the Chrome and Edge stores worldwide. Detection runs in your browser — copilot sees paste and typing locally, not on a regional server.

We validate country-specific formats where standards exist, and flag labeled or high-confidence patterns everywhere else. Policy packs map detections to GDPR, HIPAA, PCI DSS, and SOC 2 context before you send.

Financial

Credit cards (Luhn), IBANs with check digits, SWIFT/BIC, EU VAT (AT, DE, FR, GB, IE, NL), US EIN patterns, bank routing.

Healthcare & identity

Labeled MRNs, UK NHS (Mod-11), US SSN/ITIN, Irish PPS, UK NINO, Canadian SIN, Australian TFN/Medicare, Singapore NRIC, Indian Aadhaar, French INSEE, Dutch BSN, Brazilian CPF, Hong Kong HKID, NZ IRD, Nordic personnummer/CPR, Mexican CURP, Japanese My Number, Korean RRN, Belgian/Taiwan/SA IDs, passports, licences.

Secrets & contact

API keys (OpenAI, Anthropic, Stripe, AWS, GitHub, Slack, SendGrid, Supabase, Twilio, Shopify, and more), JWTs, PEM private keys, database connection strings, passwords, emails, phone numbers, internal ticket refs — across mail, forms, and AI chat surfaces.

Recipients without the extension

Personal and one-time messages include a hosted unlock page. Recipients open the link, enter the passphrase you shared separately, and read the secret in their browser — no install required.

Team tokens and in-thread unlock require the Veil extension for org members.

How teams get started

  1. Admin creates a team and receives a join code and admin sign-in key.
  2. Members install Veil and join with work email.
  3. Everyone secures secrets in mail and web apps; admins apply a policy pack and review metadata-only activity.

IT can deploy via Chrome or Edge policy. Team cloud is billed annually per seat — card required after the trial.

Security & privacy