Cryptographically signed at the moment of capture, from any smartphone, via a verified, correctly-installed app. Survives recropping. Survives recapture. Built for the AI era.
Be the first to know when the app ships. No spam — one email per major milestone.
We’ll only email you about the app launch and major milestones. Unsubscribe anytime.
AI-generated imagery has made “is this real?” the question of the decade. Certified.Photos gives every photo a cryptographic answer — at the moment of capture, on any modern smartphone.
The app installs and runs only on non-jailbroken (iOS) and non-rooted (Android) devices. If the OS sandbox is compromised, the app refuses to launch in a signing role.
Every layer above this depends on the OS still enforcing its own protections. No floor, no fortress.
At runtime, the app re-checks itself against the original App Store / Play Store build. A modified, sideloaded, or tampered app refuses to sign.
If the signing environment can’t be trusted, nothing downstream of it can be either.
Every photo is signed at the shutter, not after the fact — bound to the exact frame the sensor saw. Pass or fail. No interpretation required.
AI-generated content cannot reproduce a signature it was never present for.
The signature is packaged in a C2PA-conformant manifest — the open provenance format backed by Adobe, the BBC, Microsoft, and the major camera makers.
One reader works for every certified photo. No proprietary verifier required.
Cropping, format conversion, re-encoding, screen-recapture, stylized filters — verification still resolves to the original capture.
An invisible watermark, imprinted at capture, persists where stripped C2PA metadata alone cannot.
Every photo’s hash is co-signed by an independent witness network, producing a tamper-evident record of when this image first existed. Copies are necessarily after the original. Forged dates fail verification.
Distributed across independent witnesses — designed to outlive any single operator, including us.
The capture-to-verification path explained, layer by layer. OS integrity, app integrity, capture-time signing, device attestation, invisible watermark, witness anchoring. For evaluators, IT, and partners.
Read the overview → FOR NEWSROOMSEnd-to-end newsroom workflow. Contributor onboarding, source protection, and a public certificate page on every published photo.
See the newsroom flow →The free tier covers the foundation: OS integrity, app integrity self-check, capture-time fingerprinting, and C2PA signing. Every photo you take through the app is cryptographically signed at the shutter and gets its own public verification page at cert.photos/v/<id>. No subscription. No catch.
An imperceptible mark imprinted at capture. Verification survives recropping, recompression, and screen recapture — even when the C2PA manifest has been stripped from the file.
Email us for more info →The cryptographic record of capture lives forever. The personally identifying data — photographer ID, GPS coordinates, EXIF — lives in deletable storage. Right-to-erasure works. Source protection in war zones works. The proof of authenticity does not depend on the data that has to be deletable.
Email us for more info →