Every mobile application developer eventually confronts the same question: do you submit to the duopoly, accepting Apple and Google's terms, timelines, and thirty-percent tariff, or do you find a different path to the user's home screen? For most of the last decade, the duopoly's gatekeeping was simply the cost of doing business. That calculation is changing.

Progressive Web Apps, or PWAs, are web applications engineered to behave like native apps: offline capability, push notifications, device hardware access, and crucially, the ability to be added directly to a device's home screen or installed as a desktop application, all without touching a single storefront. The mechanism is an industry-standard web feature supported natively by Chrome on Android and Safari on iOS. The web app manifest, combined with a service worker, signals to the browser that an installable application is present. When a user visits a PWA from a supported browser, the browser itself offers the install prompt. Rapid deployment is the defining advantage: a developer can publish an update and every user receives it the next time they open the app, without a review queue or version approval cycle.

The first blockchain-enabled mobile cyber incident reporting application ships entirely through a URL. No app store. No review queue. No thirty-percent cut. Just a link.

How Homescreen Installation Works

The technical underpinnings are straightforward. A manifest.json file declares the application's name, icons, display mode, and theme color. A service worker intercepts network requests, enabling offline functionality and caching. When Chrome on Android detects these conditions are met, it automatically surfaces an "Add to Home Screen" prompt. The installed icon lands on the device's launcher, indistinguishable from a native app. The application opens in a standalone window with no browser chrome and no address bar, exactly as a native app would.

iOS requires one extra step from the user, as Safari does not surface the install banner automatically. The user taps the Share icon in Safari, then selects "Add to Home Screen." The experience is otherwise identical: a standalone app icon appears on the home screen, and the application launches in full-screen mode. The same application also installs as a desktop app on Windows, macOS, and Linux through Chrome or Edge, with no separate codebase required.

iOS Safari — Add to Home Screen
  1. Open forcestopper.org in Safari on your iPhone or iPad.
  2. Tap the Share button (the box with an upward arrow) in the Safari toolbar.
  3. Scroll the Share Sheet and tap "Add to Home Screen."
  4. Confirm the app name and tap Add in the upper right corner.
  5. The Doxreporter icon now appears on your home screen and opens as a standalone app.
Android Chrome — Install App
  1. Open forcestopper.org in Google Chrome.
  2. Chrome displays an "Add to Home Screen" banner or an install icon in the address bar. Tap it.
  3. Tap Install when prompted.
  4. The app icon appears on your Android home screen and app drawer, launching in standalone mode.
Desktop — Chrome or Edge — Install as Desktop App
  1. Open forcestopper.org in Google Chrome or Microsoft Edge on any desktop operating system.
  2. Look for the install icon (a monitor with a down-arrow) in the right side of the address bar.
  3. Click it and confirm the installation dialog.
  4. Doxreporter opens in its own window, separate from the browser, and appears in your system's app launcher or taskbar.

The Application: Doxreporter

The case study demonstrating this distribution model in production is Doxreporter, the first blockchain-enabled mobile cyber incident reporting application, deployed at forcestopper.org. The premise is practical: cyber incidents rarely occur in controlled environments. They happen in the field, during off-hours, from devices that are not desktops and not connected to organizational terminals. Doxreporter was built to meet that reality, a reporting tool that goes where the incident is.

The design philosophy centers on two needs that most existing tools address separately: redundant, mobile-first reporting, and immutable storage of incident metadata. Doxreporter combines them in a single lightweight application that installs from a URL and works from anywhere with a cellular or Wi-Fi connection.

Video demo: Doxreporter in action — PWA install, incident submission, and blockchain anchoring walkthrough. Watch at youtu.be/6AeG1OC5FDU

Blockchain-Backed Immutability

Every report submitted through the Professional and Enterprise tiers is anchored to a blockchain record. The metadata includes the timestamp, incident classification, geographic coordinates where available, and a content hash of the report, written to an immutable ledger. The practical consequence is significant: the record cannot be altered after the fact. This matters in two contexts that organizations encounter repeatedly. In a post-incident forensic investigation, an immutable timestamped record of when and where an anomaly was first observed is a chain-of-custody document. In an insurance claim, that same record is evidence that the incident was reported contemporaneously and that the report has not been modified since submission.

The system is deliberate about privacy. Coordinates are used as primary identifiers where geolocation is available; personal and sensitive information is redacted and is never stored on submitted reports. There is no personally identifiable data persisted on the backend. The blockchain record preserves what is needed for evidentiary purposes while avoiding the data governance exposure that comes with storing individual identifiers.

Redundant Reporting as an Organizational Asset

Most incident reporting systems are built around desktops and VPNs. When those systems are themselves compromised, or when the incident occurs in a location where they are inaccessible, reporting breaks down. Doxreporter treats mobile devices as a parallel, independent reporting channel. A field technician, a remote worker, a contractor on-site at a third-party facility: all can submit a structured incident report from the Doxreporter interface on their personal device, sending cryptographically anchored notification links to up to ten configured email recipients simultaneously.

Incident data aggregated across an organization or across organizations sharing a data pool becomes analytically useful. Reports carry location metadata and classification tags. Over time, those data points surface geographic concentrations of incident types, recurring vulnerability patterns, and temporal trends that a single-organization view would miss. The Enterprise tier is designed for exactly this kind of federated analysis.

Q & A — Behind the Design Decisions

How was the privacy architecture designed?

Geographic coordinates serve as primary incident identifiers where location services are available. Personal and sensitive information is redacted before storage and is never written to reports. The blockchain record preserves what is necessary for evidentiary purposes, specifically the timestamp, classification, location hash, and content hash, while holding no individually identifiable data.

Why build a mobile-first reporting tool?

The team identified a structural gap: most incident reporting infrastructure depends on desktops and network access that may themselves be part of the incident. Mobile devices are physically separate from organizational terminals and frequently remain operational when fixed infrastructure is compromised. Using mobile as a reporting channel introduces genuine redundancy, not just a second interface for the same pathway.

Who is the intended user?

The public version at forcestopper.org is open to any individual or organization that needs to file a cyber incident report. The Professional subscription unlocks the full feature set: blockchain storage, multi-recipient email, and analytics. The Enterprise tier is configurable for organizational deployment, including SIEM and SOAR integration, and is designed for security operations teams that need a compliant, auditable reporting pipeline that functions in degraded-network or remote conditions.

Why distribute without an app store?

PWA distribution removes the gatekeeping, review timelines, and revenue sharing imposed by the iOS App Store and Google Play. It also means the application can be updated instantly without resubmission, and it works on any device with a standards-compliant browser. For a security tool where version currency matters, that is a meaningful advantage.

Feature Overview

⛓️
Blockchain Anchoring
Report metadata is written to an immutable ledger, producing a tamper-evident record for investigations and insurance claims.
📍
Location-Aware
Coordinates are used as primary identifiers where available. Reporting functions fully without location services enabled.
📬
Multi-Recipient Alerts
Professional subscribers send report links to up to 10 specified email addresses per submission, with a 20-report daily limit.
📲
Home Screen Install
Installs on iOS, Android, and desktop from a browser URL. No app store account or download required.
🏢
Public Office Directory
Built-in contact information for regional public offices responsible for cyber incident reporting.
📊
Aggregate Analytics
Incident data across organizations identifies location-specific soft spots and emerging threat trends.

Subscription Tiers

Tier Pricing Core Capabilities
Free Free $0 / mo Mobile and desktop access, incident reporting via email, interface familiarization. Blockchain storage for first report. Designed to lower the barrier to first use.
Professional Pro $1.77 / mo Blockchain-backed immutability for a set number of reports per period, email notifications to up to 10 recipients, up to 20 reports per day, and basic analytics.
Enterprise Enterprise $$$ / mo Unlimited blockchain storage, advanced AI-driven threat detection, full SIEM and SOAR integration, configurable organizational deployment, and federated incident data analytics.

App Links and Resources

Doxreporter — Official Links
🚀 Live Application forcestopper.org 💼 LinkedIn — Company Page linkedin.com/company/106456614 🐱 Product Hunt — Leave a Review producthunt.com/products/doxreporter/reviews/new 📡 Launch.app Listing launch.app/doxrep ▶️ Demo Video — YouTube youtu.be/6AeG1OC5FDU

The Broader Implication

Doxreporter's distribution model is a proof of concept for something larger than a single application. The web platform has matured to the point where the app stores are optional infrastructure, not mandatory ones. Any organization building a mobile tool that requires rapid deployment, frequent updates, or distribution outside the consumer marketplace has a viable alternative path. The PWA model means no review queue, no platform tax, and no dependency on a third party's continued goodwill.

For security tooling specifically, the implications compound. A cyber incident reporting application that can be deployed to any device with a browser link, updated instantly in response to emerging threat patterns, and uninstalled just as easily, is inherently more agile than one locked inside a storefront review cycle. Combined with blockchain anchoring for evidentiary integrity and mobile architecture for operational independence, Doxreporter represents a template worth examining for anyone building the next generation of enterprise security infrastructure.

Try the public version now — no account required to start.

Visit forcestopper.org in any mobile browser and install to your home screen in under a minute.

Open forcestopper.org →