Content provenance for a transparent internet.
Verimago builds the certificate infrastructure that gives every photo and video a clear, cryptographic label — Authentic, AI-Enhanced, AI-Generated, or Unverified — so audiences always know exactly what they're looking at.
Founded on a principle
Verimago was founded on the belief that audiences deserve to know what they're looking at. As AI-generated and AI-enhanced media become indistinguishable from authentic footage, we set out to build the cryptographic infrastructure the information ecosystem was missing — not to restrict AI, but to label it clearly.
The technology
We use ECDSA P-256 elliptic-curve cryptography with FIPS 140-2 Level 3 hardware security modules for certificate infrastructure, and your phone's Secure Enclave (Apple) or StrongBox (Android) for capture-time signing. App Attest and Play Integrity prove the signing happened on a real, unmodified device. The result is an HSM-backed C2PA Content Credential embedded in every photo and video.
The registry
Every signed photo and video gets a manifest published to the Verimago registry — a permanent, publicly auditable record. Anyone can verify any piece of media in seconds by entering its SHA-256 hash at registry.verimago.io. The manifest includes the content classification so audiences see the full picture.
How Verimago certificates work
The same chain-of-trust model used by SSL certificates — applied to media authenticity.
Identity verification
We verify editorial independence, domain ownership, and jurisdiction — the same standard as Extended Validation SSL.
Key ceremony
A witnessed ceremony generates an ECDSA P-256 keypair. The private key is immediately sealed in a FIPS 140-2 Level 3 hardware security module and never exposed.
Sign at capture
The Verimago camera app and signing tool create a cryptographic manifest the moment media is captured or published — before any edits.
Verify anywhere
Anyone can verify any photo or video by entering its SHA-256 hash at registry.verimago.io. Verification is instant and free.
Four content classifications
Verimago is not anti-AI — it's pro-transparency. We support every type of content; we simply ensure audiences know what they're looking at.
Each certified piece of media carries one of these four states.
Original, unaltered content. No AI modifications applied. A real recording of real events.
Real content processed with AI tools — noise reduction, upscaling, color grading, background blur. The underlying event is real; AI processing was applied.
Fully or substantially generated by AI. Not a recording of real events — generative AI, CGI, synthetic media, AI avatars.
No Verimago certificate. Content origin and authenticity are unknown.
Security & trust
Verimago certificates are designed to the same standards as the public key infrastructure (PKI) underpinning HTTPS on the web. Certificate issuance requires a witnessed key ceremony. Private keys are stored in AWS KMS FIPS 140-2 Level 3 hardware security modules. All certificate operations are logged to a tamper-evident audit trail.
Ready to give your audience full transparency?
Apply for a certificate and let your audience see exactly what your content is — Authentic, AI-Enhanced, or AI-Generated — with cryptographic proof.