How It Works Enterprise Solutions Use Cases Where It Goes Plans Become a Partner Pre-Order My Account
Museum, Gallery & Auction House Security

$14M Gone
at 4:08am.
The Camera Caught
a Blurred Hood.

Fine art crime is the third-largest illicit market in the world after drugs and arms. The Gardner heist still hasn't been solved 35 years later. Insurance carriers no longer underwrite uninsured-quality security at any premium. Digital Tripwire produces device-level proximity records on every gallery wall, every storage vault, every loading dock, and every loan transfer event, with the chain of custody required by AAM accreditation, AXA Art coverage, and the FBI Art Crime Team.

Request a Collection Briefing
The Problem
Cameras Watch. TMS Tracks.
Neither Identifies Who Was
in the Vault.

Museums, galleries, and auction houses operate on infrastructure built for an art market that no longer exists. The original assumption was that the threat came from the outside: smash-and-grab heists, after-hours forced entry, masked burglars. The modern reality is that the dominant fine art crime pattern is internal: a registrar, a curator, a conservator, an art handler, or a long-trusted contractor who walks an authenticated piece off the back dock during a perfectly normal week. The Gardner heist remains unsolved 35 years later. Multiple recent fine art losses at major institutions involved staff with full collection access. Cameras might catch a silhouette in the gallery. They cannot identify the person who was holding a deaccession waiver in the vault during the moment a piece moved from "on view" to "in storage" to "missing."

The result is an extraordinary mismatch between the value of what's protected and the forensic record produced when something goes wrong. Insurance carriers (AXA Art, Chubb Fine Art, AIG Private Client, Berkley One) increasingly refuse to underwrite institutions that cannot produce defensible chain of custody on every collection movement. Loan agreements between major museums require documented physical security that goes beyond cameras and badge access. The FBI Art Crime Team and Interpol's stolen art database close cases on forensic evidence, not on grainy footage. Digital Tripwire was built to produce the evidence that the existing infrastructure cannot.

$6B+
Annual fine art
crime worldwide
~10%
Recovery rate for
stolen fine art
~80%
Of museum theft is
internal or insider-aided
35yr+
Gardner heist still
unsolved since 1990
Museum gallery with works on display
Digital Tripwire nodes deployed in museum gallery
The Solution
Every Zone Logs the
Device Cluster Present.

Digital Tripwire deploys at the high-value, regulated zones across museum, gallery, and auction house operations: gallery thresholds and walls, secure storage vaults, conservation labs, registration and shipping rooms, loading docks, evening-sale floors, vault transfer corridors, and the back-of-house spaces where collection movements actually happen. The hub sits in the security office or registrar's workstation on standard power. The deployment scales from a single private gallery to a national auction house network with peak-event coverage on evening-sale weekends.

When a node detects motion or proximity, it scans every Bluetooth and Wi-Fi device within 10 feet and writes the result to a tamper-evident, encrypted log. MAC address, signal strength, distance, timestamp. Uploaded over LTE-M cellular, independent of facility network or collection management system. The proximity log cross-references against TMS, Argus, NetX, and FileMaker collection records, against loan-out and loan-in events, against deaccession waivers, and against conservation transfers. The piece that moved from gallery to vault at 4:08am has a device cluster attached. The deaccession that triggered an underwriter audit produces a forensic record that satisfies AAM, AXA Art, and the FBI Art Crime Team simultaneously.

  • TMS, Argus, NetX, FileMaker integration as audit-ready feed
  • Loan-out and loan-in chain of custody for traveling exhibitions
  • Deaccession waiver and movement record correlation
  • LTE-M cellular. Independent of facility network or collection system.
  • AAM accreditation, AXA Art, AIG, FBI Art Crime Team aligned.
The Node Ecosystem
Hidden in the Wall.
Hidden in the Vault.

Nodes embedded across the regulated zones of museum, gallery, and auction house operations: gallery thresholds, secure storage vaults, conservation labs, loading docks, and evening-sale floors, with chain of custody coverage for traveling exhibitions and loan-out events.

Tap any node to see what it protects
Placement Guide
8 Spots Across Every Institution

Strategic node placement covers the high-value zones across museums, galleries, and auction houses. Designed for AAM-accredited institutions, AXA Art-underwritten collections, and major auction house evening-sale operations.

V
Storage Vault
Inside vault frame. The highest-value zone in the institution.
G
Gallery Threshold
Inside door frame. Public exhibition flow and after-hours.
D
Loading Dock
Inside dock frame. Loan transfer and shipper handoffs.
L
Conservation Lab
Inside frame. Treatment and examination chain of custody.
R
Registration
Inside frame. Accession, deaccession, loan documentation.
C
Transfer Corridor
Wall mount. Movement between vault, lab, and shipping.
A
Auction Floor
Mounted to fixture. Evening-sale peak inventory.
T
Conservator Tool Room
Inside frame. Pre-event signal touchpoint.
Fine Art Insurance & Underwriter Posture
Cameras-Only Security
Is No Longer Underwritable.

The fine art insurance market has shifted decisively in the past five years. AXA Art, Chubb Fine Art, AIG Private Client, Berkley One, and the major Lloyd's specialty syndicates have systematically tightened underwriting requirements for museum, gallery, and private collector policies. Documented physical security is no longer a discount factor — it is increasingly a coverage prerequisite. An institution that cannot produce defensible chain of custody on collection movements, deaccessions, loan transfers, and after-hours access faces premium increases of 25-50% at renewal, coverage exclusions on traveling exhibitions, and in some cases outright non-renewal. The underwriting question has evolved from "do you have cameras" to "can you produce a forensic record of who was actually present at the moment of every collection movement."

Digital Tripwire is the answer. The system produces hash-signed, timestamped, exportable proximity logs that satisfy AXA Art's chain-of-custody documentation standards, Chubb Fine Art's physical security control framework, and the AIG Private Client risk assessment process. Most institutions recover the deployment cost through premium reduction within two renewal cycles. Several have negotiated coverage on previously-uninsurable traveling exhibitions specifically because of the device-level proximity record the system produces.

  • AXA Art chain-of-custody documentation alignment
  • Chubb Fine Art physical security control framework
  • AIG Private Client and Berkley One risk assessment ready
  • Lloyd's specialty syndicate documentation export
  • Premium reduction at renewal: 5-15% typical, more on high-value collections
Fine art insurance documentation and conservation assessment
Auction house evening sale floor
Auction Houses & Evening-Sale Peak Exposure
Six Hours Tuesday Night.
$420M on the Floor.

Auction houses operate under a fundamentally different exposure profile than museums. Christie's, Sotheby's, Phillips, Bonhams, and Heritage all manage extreme peak inventory windows: the night of an evening sale, the days before the sale during preview, the immediate post-sale collection period when buyers retrieve newly-purchased works. Hundreds of millions of dollars in inventory concentrate at a single physical location for a finite, predictable, advertised window. The standard security stack (cameras, badge access, security personnel) is engineered for steady-state operations, not for the operational reality of a $420 million peak-night exposure with hundreds of bidders, viewers, and shippers in motion.

Digital Tripwire deploys with auction-house-specific configurations: temporary high-density node deployment for evening sale weeks, permanent infrastructure for the vault and warehouse, and per-lot proximity logging for the highest-value works during the sale event window. The proximity log produces hash-signed records that document every device cluster present at every lot during preview, sale, and collection. The post-event audit produces a forensic record that satisfies the buyer's insurance, the consignor's policy, the Lloyd's specialty market, and the auction house's own risk-management posture simultaneously.

Provenance, AAM Accreditation & Recovery Networks
Built for the Authorities
That Matter.

The fine art world operates under a stack of professional, regulatory, and recovery frameworks that govern every aspect of collection management. AAM (American Alliance of Museums) accreditation requires documented physical security and collection management protocols. AAMD (Association of Art Museum Directors) provides ethical and operational guidelines for major institutions. ICOM (International Council of Museums) defines global standards for collection care. The FBI Art Crime Team and Interpol's stolen art database coordinate recovery for international fine art theft. The Art Loss Register provides commercial provenance verification for sales and acquisitions. The deployment must satisfy every framework simultaneously, and a security technology vendor that does not understand the provenance and recovery infrastructure is a vendor that fails the first AAM accreditation review.

Digital Tripwire is engineered against the full institutional stack from the start. The proximity log integrates with TMS, Argus, NetX, and FileMaker collection management platforms as an audit-ready feed. Loan-out and loan-in events are documented with hash-signed records that satisfy lender contract requirements. Deaccession waivers cross-reference against actual movement records. Recovery network integration produces evidentiary packages that the FBI Art Crime Team and Interpol can act on directly.

AAM Accreditation AAMD ICOM FBI Art Crime Team Interpol Stolen Art DB Art Loss Register TMS / Argus / NetX
Museum collection provenance and registration documentation
The Difference
Cameras & TMS vs. Digital Tripwire
CapabilityDigital TripwireExisting Layer
Identifies devices, not silhouettes-
TMS / Argus / NetX correlationHash-signed logCatalog only
Detects insider and conservator patternsLimited
Loan-out and traveling exhibition coverage-
Independent of facility network / CMSLTE-M cellularRequires network
Tamper-evident chain of custodyDVR can be wiped
Underwriter audit-ready exportCSV / JSON + hashVaries
Auction-house peak-event coverageSteady-state only
RetentionCloud, indefiniteTypically 30-90 days
Institutional FAQ
Common Questions
How does this satisfy AAM accreditation requirements?+
AAM accreditation requires documented physical security, collection management protocols, and chain of custody on collection movement. Digital Tripwire produces hash-signed proximity logs that satisfy the documentation standards AAM accreditation reviewers look for, particularly for the Collections Stewardship and Facilities and Risk Management standards. The proximity log integrates with existing TMS, Argus, and NetX collection management platforms as a supplemental audit feed, not as a replacement, and is documented as an additional control layer during the next accreditation review cycle.
How does this affect fine art insurance premiums and coverage?+
Fine art insurance carriers (AXA Art, Chubb Fine Art, AIG Private Client, Berkley One, Lloyd's specialty syndicates) increasingly require documented physical security as a coverage prerequisite, not just a discount factor. Institutions with hash-signed chain-of-custody records on collection movements typically negotiate 5-15% premium reductions on permanent collection policies, broader coverage on traveling exhibitions, and in some cases coverage on works that were previously uninsurable. The deployment is documented as a control infrastructure addition during the next renewal cycle, with the carrier's risk engineering team supporting the evaluation.
How does this work for traveling exhibitions and loan-out events?+
Traveling exhibitions are the highest-risk fine art operation in the museum world. Each loan transfer involves multiple chain-of-custody touchpoints: condition report, crating, loading, shipping, receiving institution unloading, condition recheck, installation. Digital Tripwire produces hash-signed proximity logs at every fixed touchpoint within the lending and receiving institutions, and portable per-crate nodes can be deployed for the transit window itself. The full forensic record produces lender-contract chain of custody that satisfies AAM, lender insurance carriers, and recipient institutional risk management at the same time.
What about staff and visitor privacy in monitored zones?+
The system captures MAC address proximity, signal strength, and timestamps in a fully-monitored, badge-controlled cultural institution where staff already operate under documented monitoring frameworks established by AAM accreditation, lender contracts, and underwriter requirements. Public exhibition spaces are also already monitored by camera systems that visitors are aware of through standard signage. The data does not capture identity, content, or personal information, and the proximity log has practical investigative value only when correlated with a security event or collection movement. Standard signage and staff onboarding language are provided as part of deployment.
How does this handle the auction house evening-sale model?+
Auction house deployments are designed for the unique peak-event exposure profile of evening sales. Permanent infrastructure covers the vault, warehouse, registration, and conservation areas year-round. Temporary high-density node deployment supplements the permanent infrastructure during preview, sale, and collection windows for evening sales. Per-lot proximity logging is available for the highest-value works during the sale event window. Coverage includes Christie's, Sotheby's, Phillips, Bonhams, Heritage, and regional auction houses with comparable peak-event profiles.
How do we deploy across a multi-site institution or auction house network?+
Multi-site institutional deployments are designed for full-network rollouts, which is where the cross-site pattern matching value compounds. Each site gets a hub and a node kit sized to the facility footprint and risk classification. Hubs auto-provision over LTE-M on first power-up. No site-level IT involvement required. Most pilots are 1-2 sites for 90-180 days, with cross-site pattern matching enabled, then a phased rollout across the network. International deployments are supported through regional cellular IoT and regional cloud infrastructure aligned with local frameworks (UK Government Indemnity Scheme, EU export controls, etc.).
Pilot Digital Tripwire
Your Collection Deserves
a Witness.

Institutional pricing scaled to collection value and site count. Pilot a single institution in 90-180 days. AAM accreditation alignment, AXA Art and Chubb Fine Art audit-ready export, FBI Art Crime Team coordination, auction-house evening-sale peak-event coverage.

Request a Collection Briefing