What happens after the 30-day trial?

Your account automatically downgrades to the Starter plan. All your data is preserved. No credit card is required to start, and you'll never be charged without explicitly choosing a plan. The 30 days are designed for two halves: ~14 days to onboard and train your team, then ~16 days of real-world testing on actual jobs.

Can I switch plans later or à la carte features?

Both. Upgrade or downgrade tiers at any time, OR à la carte any higher-tier feature onto your existing plan without upgrading. Add a Pro feature to Starter, or an Enterprise feature to Professional — pricing matches the published add-on rate.

Does it work offline?

Yes. WorkTrac queues actions (clock in/out, complete tasks, send messages, upload photos) when offline and automatically syncs when you're back online. Your crew can work in basements, tunnels, and dead zones without missing a beat.

Do you integrate with QuickBooks or Xero?

Two-way QuickBooks Online sync is included free on Enterprise, or available as a $19/mo add-on for Starter and Professional. Invoices, payments, and customers sync both directions. WorkTrac is currently in Intuit's production-app review. Xero support is shipping summer 2026.

Does WorkTrac handle OSHA compliance?

Yes — and OSHA reporting is in every tier, including Free. Log incidents with severity, attach photos, and export PDFs ready for inspectors. The Climate Safety add-on layers on real-time heat-index and weather alerts that trigger by job-site location.

Absolutely. We use encrypted storage on-device, secure API tokens, rate limiting, CSRF protection, and certificate pinning. All data in transit is encrypted with TLS. QuickBooks OAuth tokens are encrypted at rest with libsodium. We've passed a comprehensive 48-point security audit.

Can my clients see project progress?

Yes. The Client Portal gives your customers a read-only view of their projects: tasks, timelines, photos, and invoices. They get a private link, no app install needed. Subcontractors get their own portal with bid requests, lien waivers, and shared task visibility.

Do you support multiple organizations or branches?

Yes. Users can belong to multiple organizations and switch between them. Each org has its own branding, settings, and subscription. Multi-branch support (parent org + sub-branches with rollup analytics) is included on Professional (3 branches) and unlimited on Enterprise.

What industries is WorkTrac best for?

WorkTrac is built for field crews: construction, HVAC, plumbing, electrical, mechanic shops, landscaping, distribution, and any business where workers are on the move. The Auto-translate feature makes it work especially well for multilingual crews — a major differentiator for construction.

Can managers see where workers are?

GPS location is captured at clock-in and clock-out for verification. Geofencing can enforce that workers are on-site. Continuous tracking is not performed. We respect worker privacy — DMs and the anonymous grievance channel are off-limits to managers and admins.

Android is our primary platform today. iOS and a cross-platform PWA are on the roadmap. The dashboard and all portals work on any device via web browser, so iPhone users can access everything except the native mobile app.

What records does the chain cover?

Clock-in and clock-out punches with GPS, task completion events, photo evidence (including a hash of the photo itself), OSHA safety incidents, SOS relay alerts, and timesheet approvals. Manager edits to a record are captured as new chain events rather than silent in-place changes, so the audit history is complete.

Can an admin edit a clock-in after the fact?

A WorkTrac admin can correct a clock-in — but the correction is a new signed event in the chain that references the original, not a silent overwrite. The dashboard surfaces edited records with the original value, the corrected value, who edited, and when. Verification still passes; the change is just visible.

Is the verification key published?

Yes. Each org has a public verification key surfaced in the audit trail view of the dashboard. Anyone the org shares an exported event log with — an auditor, an insurer, opposing counsel — can verify the chain without contacting WorkTrac and without an account. The verification code itself is open and runnable independently of WorkTrac.

Does work proof work for events captured offline?

Yes. Signing happens on the device at the moment of capture, before any sync attempt. An event queued offline in a basement, a tunnel, or a rural site carries the same signature as an event captured online; the server validates the signature on ingest when the queue flushes. The chain stays intact across offline gaps.

Back to homeWorkTrac signature

Cryptographic work proof: tamper-evident field records.

Cryptographic work proof is WorkTrac's tamper-evident record system for field crews. Every clock-in, GPS coordinate, photo, task completion, and safety incident is cryptographically signed at the moment it is captured on the device, then chained to the preceding record so any later edit, deletion, or backfill breaks the chain and is visible on audit. The result is a defensible evidence trail that holds up under prevailing-wage audits, billing disputes, OSHA inspections, insurance claims, and DOL investigations — the same arguments where field service contractors routinely lose money to "your word against theirs." Cryptographic work proof is included in every WorkTrac tier, including Starter at $29/mo, and the chain extends across the offline-first sync architecture so events captured in dead zones carry the same signature as events captured online. The verification key is published; auditors can inspect the chain without contacting WorkTrac.

Try the sandbox

Signed at capture

Device signs each event before it leaves the phone.

Chained records

Each event references the previous. Edits break the chain.

Auditor-inspectable

Public verification key. No vendor cooperation required.

What cryptographic work proof actually does

The phrase "tamper-evident" is doing real work here. Most field service tools store records in a database that the vendor — and any admin with the right credentials — can quietly edit. A clock-in time, a GPS coordinate, a safety incident severity, a timesheet approval can all be changed weeks later with no record of the change. That is the failure mode that loses contractors prevailing-wage audits, costs them dispute resolutions, and creates problems on the witness stand in a workers' comp dispute.

WorkTrac signs each captured event on the device using a per-org private key, includes a reference to the previous event in the org's chain, and stores the signature alongside the record. The server validates each signature on ingest and rejects events whose signatures do not match. After the fact, anyone with the org's public key can replay the chain and detect a tampered record by the broken signature link — without needing access to the underlying database and without needing WorkTrac's cooperation.

The result is a record that is honest about its own integrity. A clean chain says "every event in this period is exactly what the device captured." A broken link says "something was changed, here is which record, here is when." That single property converts a contractor's evidence file from "your word" to "checkable."

What gets signed in the chain

The chain covers every capture event the mobile app generates plus the timesheet-approval events the dashboard generates. Adding optional metadata to a record (a manager note, a category change) is also captured as a chain event rather than a silent in-place edit, so the audit history shows who annotated what and when.

Clock-in / clock-out punches

GPS coordinates, accuracy radius, device timestamp, matched geofence ID — all signed.

Task completion events

Required-photo evidence, completion timestamp, completing user, attached comments.

Photo evidence

Photo hash + EXIF + capturing user + parent task or incident.

OSHA safety incidents

Full incident report including severity, witnesses, root cause, and corrective action.

SOS relay alerts

Emergency events with GPS and triggering user. Critical for liability defense.

Timesheet approvals

Approving user, approved set of shifts, approval timestamp. Manager edits show in the chain.

Where work proof pays off

Prevailing-wage and certified-payroll audits are the canonical use case. A DOL investigator asks for the on-site hours for a Davis-Bacon project; the contractor produces the signed chain for the period; the investigator runs verification against the published public key and confirms no records were edited. The audit closes without a finding. The contractor who can't produce this often ends up paying back wages and penalties even when their actual records are accurate — because they cannot prove they didn't edit them.

Billing disputes resolve faster. A client says "your crew wasn't on-site Thursday" — the contractor pulls the signed GPS punches and photos for Thursday, runs verification, and the dispute closes on physical evidence rather than email arguments. Workers' comp claims and OSHA inspections work the same way: the contractor produces the safety-incident record signed at the moment of capture, which the insurer or inspector can verify did not have its severity or root-cause field edited after the fact.

And on the inside-the-business side, work proof neutralizes the small-but-frequent damage from quiet record-edits — a foreman softening a near-miss severity to avoid a conversation, an office admin shifting an inconvenient clock-in by ten minutes. The chain does not prevent these edits; it makes them visible so the company can decide how to handle them.

How verification actually works

Each org has a public verification key surfaced in the dashboard's audit trail view. The org's admin can export a signed event log for any time window — typically a payroll period, a job, or a DOL request — as a JSON file plus the public key. An auditor or third party runs the verification: parse the events in order, recompute each event's expected signature using the public key and the previous event's signature, and confirm every link matches. The verifier code is independent of WorkTrac; an auditor can build it from the published spec or run the open verifier WorkTrac provides. No login, no API key, no vendor cooperation. The whole point of the design is that the records remain checkable even if the contractor loses access to WorkTrac.

FAQ

Common questions, answered.

It is WorkTrac's tamper-evident record system. Every clock-in, GPS coordinate, photo, task completion, and safety incident is cryptographically signed on the device at capture and chained to the previous record. After-the-fact edits break the chain and are visible to anyone with the org's public verification key.

It is a defensible evidence trail: a DOL or state-prevailing-wage investigator receives the signed event log plus the public verification key and confirms no records were edited after capture. Audits often close without a finding even on contested timecards because the contractor can prove they did not alter the records. This is the failure mode that costs contractors the most money in standard "your word against theirs" arguments.

Also explore

GPS Geofencing

GPS punches signed at capture inherit the same tamper-evidence as the chain itself.

Offline Mode

Records captured in dead zones get the same signature as online events. The chain survives offline gaps.

Safety Suite

OSHA incident reports inherit the chain. Inspector-ready records that cannot be edited silently.

See it on your crew, today.

Try the sandbox right now with demo data — no signup, no card. When you're ready, start a 30-day Enterprise trial with every feature unlocked.

Try the sandbox

Launching May 31, 2026

Be first in line on launch day.

Reserve your spot and we'll send you an invite the moment WorkTrac goes live, plus an exclusive launch-week discount for early subscribers.

Days

Hours

Minutes

Seconds

No spam. We'll only email you about the launch.