The Verimago Shield System

Every piece of content has a shield state. The shield is a visual indicator of cryptographic authenticity — not an opinion, not a label, not a vote. It's a mathematical proof.

Shield states

Green — Authentic

The content was captured and signed by one of:

A Verimago Camera app running on a genuine, non-jailbroken device (hardware attestation via Apple App Attest or Google Play Integrity)
A verified portal session with authenticated user identity

What it proves: The file bytes have not changed since the moment of signing. The signing device/session passed attestation. The certificate chain is valid back to the Verimago CA. What it does not prove: That the content is "true" or "accurate." A green shield means the video is real footage from a real device — it does not evaluate the editorial context.

Purple — AI-Enhanced

Real content that has been processed with AI tools. The chain of custody is intact:

The original authentic source is traceable
AI processing (upscaling, noise reduction, color grading, etc.) is declared by the publisher
The purple certificate references the original content

Use case: A newsroom applies AI-powered color correction and super-resolution to field footage. The processed version carries a purple shield, and anyone can see the AI enhancement was declared by a verified publisher.

Amber — AI-Generated

Fully or substantially generated by AI. This is not a recording of real events — declared as synthetic media by the creator.

What this means: The creator has transparently labeled their content as AI-generated. This is not a warning — it's a declaration of content type. AI-generated content with an amber shield is honest content; AI-generated content with no shield at all is the problem Verimago solves.

Grey — Unverified

No Verimago certificate is attached to this content. This is the default state for all content on the internet today.

Grey does not mean the content is fake. It means there is no cryptographic proof of authenticity. As Verimago adoption grows, grey becomes the absence of proof — similar to how a website without HTTPS is not necessarily malicious, but the lack of a padlock is now a warning.

Why shields cannot be forged

Green requires hardware attestation

The green shield requires a cryptographic signature from the device's Secure Enclave (iOS) or StrongBox (Android). These are dedicated hardware security modules embedded in the phone's processor. The private key never leaves the chip — no software, no cloud service, no AI can fabricate a valid hardware attestation signature.

Additionally:

iOS: App Attest verifies the app is genuine, unmodified Verimago, running on a non-jailbroken device
Android: Play Integrity verifies boot integrity, app genuineness, and hardware-backed keystore availability

Purple requires a valid green ancestor

You cannot create a purple-shield certificate without a valid green-shield certificate in the chain. There is no shortcut — the chain of custody is cryptographically enforced.

Amber is a voluntary declaration

AI-generated content is labeled by the creator at the point of signing. The amber shield proves a verified Verimago user declared this content as AI-generated — the certificate is real even though the content is synthetic.

Tampering is detected automatically

When a verification request is made, the Verimago registry computes the SHA-256 hash of the submitted content and compares it to the hash stored in the certificate. If they don't match, the verification fails. No human judgment required.

How verification works

A viewer encounters content with a Verimago verify link

They click the link or paste the content hash at registry.verimago.io

The Verimago registry looks up the hash

If a certificate exists, the registry verifies the signature against the Verimago CA public key

The shield state is returned along with all metadata the signer chose to include

The entire process is public and requires no account. The verification endpoint is a simple GET request.

C2PA compatibility

Verimago certificates are C2PA 2.2 compliant. The shield system maps to C2PA concepts:

Verimago Shield	C2PA Equivalent
Green (Authentic)	Hard binding assertion with hardware claim generator
Purple (AI-Enhanced)	Ingredient assertion with AI processing declaration
Amber (AI-Generated)	Synthetic content assertion with creator declaration
Grey (Unverified)	No C2PA manifest present

Platforms that support C2PA Content Credentials (Meta, Google, Adobe tools) will display the C2PA icon alongside the Verimago shield on certified content.