Five-layer anti-proxy
Rolling join code, building geofence, HMAC heartbeats with monotonic nonces, pinned device fingerprint, and optional face recognition — every layer, every attendance, every day.
Presence by Animweb is a multi-tenant platform that fuses real-time anti-proxy classroom attendance with a full academic ERP — courses, marks, assignments, leaves, library, hostel, transport, sports, placement and fees. Built for Indian universities, engineered end-to-end by AwT Labs.
Presence answers two questions every university asks every single day: “Who is actually in this room right now?” and “Where does that fit in everything else this student does?”
Presence is delivered as a Progressive Web App — no Play Store, no App Store. Students and faculty open the university’s own subdomain in any phone or laptop browser; on Android and iOS it installs to the home screen for a native-like feel.
The platform is multi-tenant by design. Every subscribing university receives a dedicated database, a dedicated backend running the Presence codebase, a static frontend on its own subdomain or custom domain, and branding configured by the super-admin and stored in the university’s own database.
Attendance is the honest signal at the core. Everything else — marks, assignments, leaves, library, hostel, transport, sports, placement, fees and a tamper-proof audit trail — is built on top of it.
Version 1.0 is production-ready as of May 2026 — engineered, deployed, monitored and supported in-house by AwT Labs, with no third-party outsourcing between the customer and the engineering team.
Animweb Technologies is a registered Indian technology company — the parent entity that owns the Presence platform, holds the customer contracts, raises invoices, and provides commercial and contractual support. It is registered for GST and recognised under the Government of India’s MSME (Udyam) initiative.
AwT Labs is the engineering and product-development arm. It designs, builds, tests, deploys, monitors and supports the platform end-to-end. There are no third-party outsourcing layers between the customer and the engineering team.
A single engineering team for every feature, every fix, every incident — no finger-pointing between vendors.
Direct conversation between your IT team and the people who wrote the code, with no commercial intermediary.
You retain full ownership of your data; on contract end a complete export is provided within 30 days.
A teacher opens a session; the system generates a 6-digit join code that rotates every 30 seconds. Students enter it, the server verifies their GPS is inside the building geofence, and marks them present — live counter over WebSocket.
(1) Rolling 30-second code; (2) building-scoped geofence; (3) HMAC-signed heartbeats with monotonic nonces; (4) device fingerprint pinned at first punch-in; (5) optional face recognition. All five must pass, every day.
The server inspects three independent signals and rejects any attendance call from a laptop or desktop. Students see a friendly QR screen; faculty and admins still manage from any device.
Each student registers a WebAuthn passkey on their phone. The private key never leaves the secure element; before each attendance the phone signs a fresh server-issued challenge.
Runs entirely in the phone’s browser. It produces a 128-number descriptor, encrypts it with AES-256, and only the encrypted descriptor reaches the server. No photo is ever transmitted or stored.
Register academic blocks, labs, library, hostels and sports complex with circular or polygon geofences. A chemistry-lab session can only be marked from inside the chemistry lab.
Signed heartbeat every 15 seconds. Leave the building mid-class and the next heartbeat fails the geofence — the student is auto punched-out as ‘left early’, visible live to the teacher.
Teachers correct any entry with a written reason. Every correction logs corrector identity, old value, new value, IP and timestamp, and notifies the affected student in real time.
Departments host courses with custom durations — B.Tech 4 yr, BBA-LLB 5 yr, BCA 3 yr, PhD 6+ yr. The admin UI is driven entirely from course configuration; no code changes for a new program.
Hierarchical structure: Department → Cluster (year/batch) → Section → Subject. Each level has its own administrator role and reporting scope.
Per-section timetable with day-of-week slots, subject, teacher and room. The engine auto-creates attendance sessions when a slot’s start time arrives.
Per-subject, per-exam marks (single or spreadsheet-style bulk grid). The system computes grade letters on configurable boundaries, then SGPA and cumulative CGPA automatically.
Targeted assignments with due date, file rules and attachment limits. Resubmissions append to full version history; every file gets a SHA-256 hash — collisions flag both submissions in real time.
A student applies for OD linked to a club event. The organiser reviews first; on approval it routes to Faculty/HOD/Mentor. Once approved, every session in range is auto-marked ‘excused’.
One CSV with students, teachers, HODs, deans, mentors, cluster heads, dept-heads or admins. Every row validated, duplicates detected by email and roll number, strong unique passwords generated, up to 20,000 rows in batches.
Admin downloads a credentials CSV grouped by department, year and section. The link expires after 24 hours; passwords are never stored beyond that window.
Every imported user must change their password first. New passwords need ≥10 characters, all character classes, and cannot contain the user’s name, email or roll number.
Central, Law, Engineering, Medical — each with its own books, staff, head librarian, loan period, fine rate and per-student limits. Catalogues never collide across libraries.
Staff can only issue/return for libraries they belong to. Cross-library actions are blocked at the API level; library heads add staff and set policy.
Place a hold on a checked-out book; the wait queue auto-promotes the next person on return with a 3-day pickup window. Renewal is blocked if anyone has reserved it.
Library overdues create a real Fee document (category=fine) so it appears beside tuition and is paid through the regular flow — same for transport, hostel and uniform fines.
Until the university provides merchant credentials, the system runs in manual mode — the accounts office records cash/cheque/DD/UPI-offline and issues a sequential receipt instantly. Add the gateway and the same flow switches to online. No code change.
Use a different merchant account per department + year — each Fee Structure carries its own gateway link, so different cohorts can route to different accounts.
One Fee Structure defines fees per department × course × year × (optional) semester with line items: tuition, hostel, mess, transport, library, lab, exam, caution deposit. ‘Apply to cohort’ creates per-student fee documents.
Any staff member can raise a fine with a source enum (library, transport, hostel, uniform, disciplinary). Fines sit beside fees and pay through the same flow; bulk fines import via CSV.
Every payment generates a receipt numbered per institution + academic year (e.g. PRES/UNIV/2025-26/00042), recording amount, method, biller GSTIN and address. Receipts are immutable once issued.
Online payments arrive via a gateway webhook whose payload is HMAC-verified using the per-institution secret before any fee is marked paid — eliminating spoofed-callback fraud.
Leave approved, book due tomorrow, attendance corrected, placement shortlist — each arrives within milliseconds via WebSocket and is stored for catch-up after reconnect. Filter by category, mark all read.
During a session the teacher sees present count, who has joined, violation flags and the rotating join code — all updating in real time.
Admins receive live events from every module they oversee — imports, fee payments, library issues, security incidents, leave approvals — in one unified feed.
Every 60 seconds an automated detector scans the last 5 minutes of audit events for brute-force, refresh-token reuse, mass deletion, bulk-write spikes, proxy rings and unusual admin access — emitting alerts and creating Security Incidents.
Every request’s Host header is validated against a dynamic allowlist. Unknown hosts performing unsafe methods are rejected with HTTP 421 — defending against subdomain takeover and host-header injection.
Each university lives on its own dedicated database. The connection-routing layer ensures a request can only reach the database of the institution embedded in its JWT.
TLS 1.3 minimum, HSTS preload, strict CSP, X-Frame-Options DENY, locked Permissions-Policy, plus enterprise-grade DDoS protection and a WAF at every edge.
Every administrative action — login, role change, mark correction, password reset, bulk import, fee waiver — is logged to a master audit log retained for the subscription period.
Refresh-token replay is treated as session hijack: the entire session is invalidated, a critical incident is created, and the user must re-authenticate from a fresh device.
Student → Club Organizer → Teacher → Mentor/HOD → Dean → Cluster Head → Dept Head → University Admin → Super Admin. Every route and page is locked to a minimum role.
Each university gets a subdomain or custom domain. Visiting the URL loads that university’s logo, theme and name on the login page — no institution codes to type.
The super-admin enters the database, backend and frontend URLs, uploads the logo and picks colours. One click validates and pushes branding into the university’s own database.
Re-sync branding any time — a single request pushes new assets to the tenant database and clears the relevant caches.
The super-admin can suspend an institution (e.g. non-payment); its users are logged out immediately and login is blocked until re-activation.
To troubleshoot a tenant, a super-admin issues a 10-minute impersonation token; every action is recorded with the super-admin’s original identity for full accountability.
Import users, sections, subjects, fee structures and fines; export attendance, fees, payments and library issues — all streamed row-by-row from a cursor so exports scale to gigabytes without exhausting memory.
Attendance older than 1 year auto-moves to a cold-storage collection in the same database; the hot collection stays small and fast. Read notifications >30 days are purged; audit retention is tier-based.
Block-and-room inventory with capacity tracking. Residents raise maintenance tickets (plumbing, electrical, wifi, pest…) with priority and photos, routed to staff with live status updates.
Bus-route catalogue with stops, pickup times, vehicle and driver details. Students self-register for a route and stop; transport staff get their own dashboard.
Events with registration windows, tournament status and registered-student lists — fully wired to role-based notifications and live updates.
Drives with eligibility filters (branch, CGPA, backlogs), student applications and selected lists. The placement office sees consolidated cross-department dashboards.
Cultural, technical, sports, literary, social and academic clubs with faculty advisor, core team and participants. Events use the same anti-proxy attendance as classes.
Parents log in to a read-only view of their child’s attendance, marks, leaves, fines and disciplinary events. Parents cannot modify any record.
Works on any smartphone browser. ‘Add to Home Screen’ on Android and iOS installs it like a native app — no store download, every reload is the latest version.
User-selectable, persisted in browser storage, defaulting to system preference. Each university’s brand colours apply as CSS custom properties.
Every data-fetching page renders a shimmering skeleton while loading — never a blank screen, never a spinner-only experience.
A single codebase scales from a 320 px phone to a 4K monitor. The sidebar collapses, table columns reflow, action menus adapt to thumb-zones.
Every request touching academic data is routed by the connection layer to the database of the institution in its JWT. A manipulated token still routes to the user’s own database — where the records they ask for do not exist.
All live updates flow over a WebSocket messaging layer. Rooms are scoped per user, per institution, per section, per session, per admin tier, and globally for super-admin security alerts.
User-Agent, Sec-CH-UA-Mobile client hint, and a JS device class header are all checked server-side. Laptops get a friendly QR ‘open on your phone’ page, not an API error.
Rolling join code, building geofence, HMAC heartbeats with monotonic nonces, pinned device fingerprint, and optional face recognition — every layer, every attendance, every day.
Login 10 / 15 min, heartbeat 5 / min, bulk import 5 / hour, biometric register 3 / min — user-keyed when authenticated, IP-keyed when not.
≥10 characters with all character classes, never the user’s email local-part, name or roll number, never an obviously-weak password. Stored with an industry-standard adaptive hash (12 rounds).
A 60-second engine flags brute-force, refresh-token reuse, mass deletion, ransomware-style write spikes, proxy rings and unusual admin access — with real-time alerts to every admin.
Every administrative action is logged and retained for the subscription period. Super-admin impersonation is time-bound and attributed to the original identity.
TLS 1.3, HSTS preload, strict CSP, frame-deny, locked Permissions-Policy, enterprise DDoS protection and a WAF at every edge.
The animated showcase below cycles continuously through four moments of a live session — the student opening the app, completing biometric verification, punching in, and the administrator watching the live console update in real time. This is the genuine product experience.
| Student | Roll No. | Department | Face | Status | Punched In |
|---|---|---|---|---|---|
| ASAarav Sharma | 22-CSE-109 | CSE | ✓ | Present | 11:52 |
| PMPriya Menon | 22-CSE-110 | CSE | ✓ | Present | 09:44 |
| RKRahul Kumar | 22-CSE-111 | CSE | ✓ | Absent | — |
| ISIsha Singh | 22-CSE-112 | CSE | ✓ | Present | 09:41 |
| NVNikhil Verma | 22-CSE-113 | CSE | — | Scanning | — |
| SASneha Agrawal | 22-CSE-114 | CSE | ✓ | Present | 09:38 |
| KPKaran Patel | 22-CSE-115 | CSE | ✓ | Present | 09:51 |
For illustration purposes only. This showcase displays pre-coded, synthetic data with no backend connection and no persistence. The animation cycles automatically to demonstrate the genuine student and administrator experience. Every live deployment of Presence is configured per university — interface, branding, modules, data, and behaviour will differ and are fully controlled by your institution. Talk to us for a real walkthrough →
Onboarding kick-off call scheduled the moment the contract is signed.
University provides academic structure (departments, courses, sections) and branding assets.
Sandbox provisioned, subdomain wired, branding pushed via the link-university flow.
A sample department goes live while faculty leadership is trained.
Bulk-import CSVs prepared; first training session delivered to faculty leadership.
Sample department goes live with attendance, marks and leave workflows.
Second training session — admin operations and super-admin functions.
Every module enabled; all faculty and students onboarded.
Library, hostel, transport, sports and placement modules enabled.
Full rollout — all faculty and students onboarded.
On-call support and daily check-ins, then the regular support cycle.
Hyper-care period: on-call support, daily check-ins, prioritised issue resolution.
Regular support cycle; monthly invoice.
Strictly for short-term evaluation — max 30 days, max 50 students. Not for production use.
The full Presence stack for a single-campus college — dedicated database, dedicated backend, your branding.
For multi-campus universities — higher limits, dedicated clusters, all department modules included.
For large multi-state networks — enterprise-dedicated database, autoscaling compute, custom rules.
| Feature / Limit | Free₹0 | Pro₹87,500 / wk | Executive₹1,02,500 / wk | EnterpriseCustom |
|---|---|---|---|---|
| Capacity | ||||
| Max students | 50 | 10,000 | 40,000 | Unlimited |
| Staff accounts | 10 | 750 | Unlimited | Unlimited |
| Departments | 1 | 30 | Unlimited | Unlimited |
| Campuses / buildings | 1 / 1 | 5 / 25 | 25 / 200 | Unlimited |
| Database storage | 0.5 GB | 500 GB | 2 TB | 5 TB+ |
| File storage | 0.5 GB | 1 TB | 5 TB | Custom |
| Attendance history | 7 days | 5 years | Lifetime | Lifetime |
| Anti-proxy attendance | ||||
| Mobile-only attendance | Yes | Yes | Yes | Yes |
| GPS multi-building geofence | — | Yes | Yes | Yes |
| Rolling codes + signed heartbeats | — | Yes | Yes | Yes |
| Fingerprint biometric (WebAuthn) | — | Yes | Yes | Yes |
| Face recognition (browser-side) | — | Yes | Yes | Yes |
| Anti-proxy defence | Partial | Full | Full | Full |
| ERP modules | ||||
| Bulk user import (all roles) | Limited | Yes | Yes | Yes + ERP sync |
| Multi-library support | Single | Up to 3 | Unlimited | Unlimited |
| Library reservations + renewals | — | Yes | Yes | Yes |
| Hostel + maintenance tickets | — | Add-on | Included | Included |
| Transport module | — | Add-on | Included | Included |
| Sports + placement modules | — | Add-on | Included | Included |
| Parent portal | — | Read-only | Read-only + alerts | Full |
| Assignments · multi-file | — | Up to 5 | Up to 10 | Configurable |
| Plagiarism hash detection | — | Yes | Yes | Yes |
| Payments | ||||
| Manual payment recording | Yes | Yes | Yes | Yes |
| Online gateway + per-course routing | — | Yes | Yes | Multi-merchant |
| Auto receipt generation | — | Yes | PDF + email | Yes |
| Bulk fines CSV import | — | Yes | Yes | Yes |
| Security & operations | ||||
| Real-time threat detection | — | Yes | Yes | Yes + custom rules |
| Subdomain / host guard | Yes | Yes | Yes | Yes |
| Cross-tenant security alerts | — | — | — | Yes |
| Super-admin impersonation (audited) | — | — | — | Yes |
| Audit log retention | 30 days | 1 year | Lifetime | Lifetime + export |
| Backup frequency | Weekly | Daily | Continuous + daily | Multi-region |
| Uptime SLA | Best-effort | 99.5% | 99.9% | 99.99% |
| Support & commercials | ||||
| Custom domain (HTTPS) | — | Yes | Yes | Yes |
| White-label branding | — | Logo + colours | Full | Full + reseller |
| SSO (Google / Microsoft) | — | Yes | Yes | Yes + SAML 2.0 |
| Multi-language UI | — | English + Hindi | All Indian langs | Custom |
| Technical support | Chat · 24 h | Phone+chat · 4 h | 24×7 dedicated | |
| Training sessions | None | 2 | 10 | Unlimited |
| Warranty | — | 2 months | 3 months | 4 months |
Warranty begins on go-live: Pro 2 months, Executive 3 months, Enterprise 4 months — covered at no additional cost.
Software defects and bugs, downtime beyond the contracted SLA (prorated credit), platform-side data-integrity issues, critical security patches within 24 hours, and setup-side configuration errors.
New feature requests, issues from your IT team modifying server config, third-party outages, data loss from incorrect admin-provided data, and changes required by new regulation after signing.
After warranty, maintenance, updates and priority support are bundled into the monthly subscription — no separate annual maintenance contract.
Every university grows. As a university’s data and compute footprint approaches its tier allocation, the billing team monitors the growth trend. When a price increase becomes necessary, the university is notified in writing 15–20 calendar days before the adjusted amount takes effect. The advance notice always contains:
The additional amount is added to the regular monthly invoice from the effective date. There is no one-time upgrade fee — only the new monthly rate, covering the increased infrastructure provisioned specifically for that university.
Presence is a multi-tenant SaaS that combines real-time anti-proxy classroom attendance with a full academic ERP — courses, marks, assignments, leaves, clubs, library, hostel, transport, sports, placement and fee management. It is engineered, deployed and supported in-house by AwT Labs and is production-ready as of May 2026.
Five independent layers, all of which must pass: a rolling 30-second join code, a building-scoped geofence, HMAC-signed heartbeats with monotonic nonces, a device fingerprint pinned at first punch-in, and optional browser-side face recognition. Attendance can only be marked from a phone or tablet — never a laptop or desktop.
No. Face recognition runs entirely in the phone’s browser. It produces a 128-number descriptor, encrypts it with AES-256, and only the encrypted descriptor reaches the server. No photo is ever transmitted or stored — for 10,000 students total face data is roughly 5 MB.
Yes. Every university lives on its own dedicated database with zero shared collections. The connection-routing layer enforces that a request can only reach the database of the institution embedded in its JWT — a manipulated token routes the user to their own database, where the records they ask for do not exist.
Free is evaluation only. Pro is displayed at ₹87,500/week (billed ₹3,50,000/month), Executive at ₹1,02,500/week (billed ₹4,10,000/month), and Enterprise is custom-quoted. All subscriptions are billed monthly only — there is no annual or multi-year billing. Universities commit one month at a time. A data export is available at ₹2,00,000 with 30+ days’ written notice, or ₹4,00,000 without.
Once a service contract is signed with Animweb Technologies, no monetary refund is issued under any circumstance — including policy, preference or deployment changes. You may exit at the end of any monthly cycle by giving 30 days’ notice; already-paid months are not refunded.
Until the university provides its merchant gateway credentials, the system runs in manual mode — the accounts office records cash/cheque/DD/UPI-offline and the system issues a sequential receipt instantly. The moment the gateway is configured, the same flow switches to online with no code change. Different cohorts can route to different merchant accounts.
Warranty begins on go-live and runs 2 months on Pro, 3 on Executive, 4 on Enterprise. It covers software defects, SLA breaches (prorated credit), platform-side data-integrity issues and critical security patches within 24 hours. After warranty, maintenance and support are bundled into the monthly subscription.
No store download. Presence is a Progressive Web App — open your university’s subdomain in any browser and ‘Add to Home Screen’ on Android or iOS for a native-like experience. Every reload is automatically the latest version.
You retain full ownership of your data at all times. On contract end, a complete export is provided within 30 days. Animweb Technologies does not mine or resell institutional data.
As your footprint approaches your tier allocation, you are notified in writing 15–20 days before any adjustment, with current and projected utilisation, the proposed new monthly amount, the allocation increase it covers, and the effective date. There is no one-time upgrade fee — only the new monthly rate.
Use the form below — a real person at Animweb Technologies reads every submission.
Credentials are shared after contract sign-off, per the implementation timeline.
Best-effort email response for evaluation deployments.
First response within 24 hours.
Priority phone and chat, first response within 4 hours.
24×7 dedicated team with a named account manager.
A dedicated security channel — responsible disclosure honoured.
Public status and incident history.