# Mobile Fleet > Mobile Fleet is an enterprise Mobile Device Management (MDM) and Device Policy Controller (DPC) platform built on the official Android Enterprise framework. It gives IT and security teams full real-time control over the Android phones and tablets their company issues to employees — remote lock, wipe, locate, kiosk, policy enforcement, app management, geofencing, SIM-swap detection, and audit-ready compliance reporting. Available as multi-tenant SaaS in 4 regions or self-hosted (Docker / Kubernetes) for regulated industries. Built by Black & White Studio. ## What it is Mobile Fleet turns any corporate-owned Android phone into a fully managed, locked-down, policy-enforced business device. Once a phone is enrolled (via QR or zero-touch reseller flow), the IT team owns it: lock, wipe, reboot, ring, locate from one dashboard; kiosk-lock to a single app; enforce PIN, biometric, auto-lock; whitelist Wi-Fi; install or update apps silently; geofence; detect SIM swaps and root attempts; and produce immutable audit logs for SOC 2 / ISO 27001 / HIPAA / GDPR. Tagline: "Every phone your company owns — under one secure command center." ## Who it's for - Logistics & delivery (driver phones locked to one app, GPS tracked) - Retail & POS (tablet kiosks at checkout) - Healthcare (HIPAA-aligned clinical devices) - Banking & insurance (field-agent phones, enforced VPN, blocked screenshots) - Manufacturing (factory-floor rugged devices, break-glass remote unlock) - Government (air-gapped, sovereign hosting) - Education (student tablets locked to learning apps during class) - Field service (technician phones, no personal apps) ## Core capabilities ### Device control - Remote lock, wipe, reboot, ring, locate (sub-200ms via persistent MQTT channel) - Factory reset protection - Lost mode with on-screen "if found" message and GPS ### Policy enforcement - Mandatory PIN / biometric with minimum complexity - Fleet-wide auto-lock timeout - Per-group enable/disable: camera, screenshot, USB, Bluetooth, hotspot - Wi-Fi whitelist + forced VPN - App blacklist / whitelist (work-hours rules supported) ### App management - Silent install / uninstall of business apps - Forced version updates - Private app catalog (distribute internal apps without Google Play) - License & seat tracking for paid apps ### Monitoring & compliance - Real-time fleet dashboard (online/offline, battery, storage, last-seen) - Compliance flags (root, screen-lock disabled, OS out-of-date) - Immutable audit log on every privileged action - Health alerts (low battery, low storage, high temperature) ### Enterprise provisioning - QR-code enrollment (90 seconds per device) - Zero-touch enrollment via Google Android Enterprise reseller flow - Bulk enrollment tokens for batch provisioning ### Workforce features - Geofencing (office, warehouse, customer-site zones) - Auto check-in/out tied to location + device unlock - SIM swap detection with instant alert + auto-lock - Browser policy with category blocking and URL logging ### Real-time architecture - MQTT-based command channel — devices respond in milliseconds - WebSocket live console for IT - Multi-tenant SaaS with row-level isolation ## Pricing | Tier | Devices | Price | Best for | |---|---|---|---| | Starter | up to 25 | USD 2 / device / month | Small teams piloting MDM | | Business | up to 500 | USD 1.50 / device / month | Growing companies | | Enterprise | unlimited | Custom (annual) | Multi-region, white-label, on-prem | All tiers include unlimited admins, every feature, 24/7 support, written SLA, encrypted backups. 30-day free pilot for up to 10 devices, no credit card required. ## Security - TLS 1.3 + mTLS for every API call and MQTT connection - JWT access tokens + rotating refresh tokens - RBAC: Super Admin, Org Admin, Operator, Support — least privilege - Multi-tenant row-level isolation - Argon2id password hashing; secrets in KMS / Vault - Annual third-party pentest; quarterly internal vulnerability scans - Encrypted daily backups; point-in-time recovery up to 30 days - Device Owner mode on Android (highest privilege Android grants) - Tamper / root / debugger detection on device ## Compliance alignment Designed to help satisfy controls in: - ISO/IEC 27001 — A.6.2 Mobile devices, A.8.1 Asset management - SOC 2 Type II — CC6.1, CC6.7, CC7.2 - GDPR / UK DPA — Article 32 security of processing - HIPAA — §164.310(d)(1) device and media controls - PCI-DSS — Requirement 9.6 (mobile devices handling cardholder data) ## Hosting & data residency - Multi-tenant SaaS in EU (Frankfurt), US (Virginia), APAC (Singapore), South Asia (Mumbai/Dhaka) - Tenants choose a region at signup; data never leaves it - Self-hosted Enterprise: Docker + Kubernetes manifests deployed in customer VPC - No third-party analytics SDKs in the device agent ## Architecture & tech stack - Device agent: Kotlin, Android Enterprise Device Owner mode, minSdk 24, targetSdk 35 - Backend: containerized services on Docker / Kubernetes - Command channel: MQTT over mTLS (sub-200ms delivery) - Web dashboard: React + WebSocket live updates - Identity: JWT + rotating refresh tokens, SAML/SSO/LDAP (Enterprise) - Storage: per-region clusters, encrypted backups, point-in-time recovery - Payments: Stripe (PCI-DSS Level 1) ## Non-negotiable principles 1. Real-time first — no 15-minute polling cycles. 2. Multi-tenant isolation at the database row level, not the app layer. 3. Every privileged action is logged immutably. 4. No customer data is used to train AI models. 5. Customer data stays in the chosen region. Self-host = stays in your VPC. ## Differentiation vs alternatives | Capability | Mobile Fleet | Generic MDM | Google Workspace | |---|---|---|---| | Built on official Android Enterprise DPC | Yes | Sometimes | Yes | | Kiosk Mode (single-app lockdown) | Yes | Limited | No | | Self-hosted / on-prem option | Yes | Rare | No | | Geofencing + auto-attendance | Yes | No | No | | SIM swap detection | Yes | No | No | | Custom branding (white-label) | Yes | No | No | | Real-time MQTT command channel | Yes | Polling | Polling | | Pricing per device (not per seat) | Yes | Mixed | Per seat | ## Frequently asked questions **Q: What exactly does Mobile Fleet manage?** A: Corporate-owned Android phones and tablets (Android 8.0+) enrolled as Device Owner under the official Android Enterprise framework. **Q: How fast does a remote command reach the device?** A: Under 200ms in normal network conditions via persistent mTLS-encrypted MQTT — not 15-minute polling. **Q: Can I self-host?** A: Yes, on the Enterprise tier. Ships as Docker + Kubernetes manifests for deployment in your own VPC. **Q: Does it work for BYOD?** A: Mobile Fleet is optimized for COBO (Company-Owned, Business-Only) and COPE (Company-Owned, Personally-Enabled). Pure BYOD with full Device Owner mode is not supported by Android Enterprise on personal devices, by design. **Q: Is there a free trial?** A: Yes — 30 days, up to 10 devices, no credit card. **Q: What compliance frameworks does it support?** A: ISO 27001, SOC 2 Type II, GDPR, UK DPA, HIPAA, PCI-DSS controls related to mobile device asset management, encryption, audit logging and remote wipe. **Q: Is customer data used to train AI?** A: No. Never. Not for products, not for partners, not for marketing. ## Pages on this site - `/` — Mobile Fleet landing page (features, problem, security, pricing, FAQ, CTA) - `/privacy.html` — Privacy policy (GDPR/DPA, subprocessors, controller vs processor) - `/terms.html` — Terms of service (subscription, acceptable use, SLA, liability) - `/liflet.png` — One-page product brochure (downloadable) ## Assets - `logo.png` — Mobile Fleet brand logo - `liflet.png` — Product brochure / one-page sales sheet ## Contact & maker - **Made by:** Black & White Studio (Dhaka, Bangladesh) - **Enterprise sales:** enterprise@blacknwhitestudio.com - **General:** info@blacknwhitestudio.com - **Privacy:** privacy@blacknwhitestudio.com - **Security disclosures:** security@blacknwhitestudio.com - **WhatsApp:** +8801945936934 - **Parent site:** https://blacknwhitestudio.com - **Mobile Fleet site:** https://blacknwhitestudio.com/mobilefleet