Certificate Verification

SignNXT certificates of completion include tamper-proof verification to ensure authenticity. Anyone can verify a certificate using the public verification page or by scanning the QR code.

What is Certificate Verification?

Certificate verification confirms that a SignNXT certificate is authentic and has not been tampered with.

Purpose:

• Prove document authenticity
• Detect tampering or forgery
• Verify all signers and dates
• Provide legal evidence
• Build trust with third parties

Benefits:

• Tamper-proof verification
• Public verification (no login required)
• QR code for easy access
• Cryptographic hash validation
• Complete signer information

---

How Verification Works

Cryptographic Hash

Each certificate includes a unique cryptographic hash:

What is a Hash?

• A unique "fingerprint" of the document
• Generated from document content
• Changes if document is modified
• Mathematically impossible to forge

How It Works:

1. Certificate is generated with document hash
2. Hash is embedded in certificate
3. Verification page recalculates hash
4. Hashes are compared
5. Match = authentic, No match = tampered

QR Code

Every certificate includes a QR code for easy verification:

QR Code Contains:

• Verification URL
• Document ID
• Certificate hash (optional)

Benefits:

• Instant verification with smartphone
• No typing required
• Works offline (after initial scan)
• Universal compatibility

Verifying a Certificate

Method 1: Scan QR Code

---

Method 2: Manual URL Entry

If you don't have the QR code:

Verification Results

Authentic Certificate

When a certificate is authentic, you'll see:

Success Indicators:

• ✅ Green checkmark icon
• "Certificate Verified" heading
• "This certificate is authentic and valid" message

Document Information:

• Document name
• Document ID
• Workspace name
• Status (completed)
• Completion date
• Certificate generation date

Signer Information:

• All signer names
• Signer email addresses
• Signing dates and times
• Signing order (if sequential)

Verification Details:

• Verification timestamp
• Hash verification status
• "Certificate is authentic" confirmation

Invalid Certificate

If verification fails, you'll see:

Failure Indicators:

• ❌ Red X icon
• "Verification Failed" heading
• "This certificate could not be verified" message

Possible Reasons:

• Certificate has been tampered with
• Document does not exist
• Certificate was forged
• Invalid document ID
• Hash mismatch

Warning Message:

• "This certificate may have been tampered with, or the document does not exist."
• Recommendation to contact issuer

What Information is Shown?

Document Details

Basic Information:

• Document name
• Document ID (unique identifier)
• Workspace name (issuing organization)
• Document status (should be "completed")

Dates:

• Completion date (when all signers finished)
• Certificate generation date
• Verification date (current timestamp)

Signer Information

For Each Signer:

• Full name
• Email address
• Signing date and time
• Signing order (if sequential)

Example:

John Smith
john.smith@example.com
Signed: 15 Jan 2025, 14:32

Verification Metadata

Additional Details:

• Verification timestamp (when you verified)
• Hash verification status (if hash provided)
• Authenticity confirmation message
• Powered by SignNXT footer

---

Sharing Certificates

Best Practices

When Sharing:

• ✅ Share the original PDF certificate
• ✅ Include verification instructions
• ✅ Mention the QR code for easy verification
• ✅ Provide verification URL if needed

What to Include:

This certificate can be verified at:
https://signnxt.com/verify-certificate

Or scan the QR code on the certificate with your smartphone.

Who Can Verify?

Anyone:

• No login required
• No SignNXT account needed
• Works on any device
• Public verification page

Use Cases:

• Employers verifying employee documents
• Clients verifying contracts
• Auditors verifying compliance
• Legal teams verifying evidence
• Third parties verifying authenticity

Security Features

Tamper Detection

How It Works:

• Certificate includes cryptographic hash
• Hash is calculated from document content
• Any modification changes the hash
• Verification detects hash mismatch

What's Detected:

• Modified text or signatures
• Changed dates or names
• Altered document content
• Forged certificates
• Pixel-level changes

Public Verification

Benefits:

• No authentication required
• Accessible to anyone
• No account needed
• Universal trust

Security:

• Read-only access
• No sensitive data exposed
• Cannot modify documents
• Audit logged (verification attempts)

QR Code Security

Protection:

• QR code links to official verification page
• Cannot be redirected to phishing sites
• Includes document ID and hash
• Tamper-evident

Best Practices:

• Always verify the URL starts with signnxt.com
• Check for HTTPS (secure connection)
• Look for green padlock in browser
• Verify domain spelling

Troubleshooting

"Document not found"

Possible Causes:

• Incorrect document ID
• Document was deleted
• Typo in URL

Solution:

• Double-check the document ID
• Verify you're using the correct certificate
• Contact the issuer for a new certificate

"Hash mismatch"

Possible Causes:

• Certificate has been tampered with
• Certificate was modified after generation
• Forged certificate

Solution:

• Do not trust this certificate
• Contact the issuer immediately
• Request a new, authentic certificate
• Report potential fraud

QR Code won't scan

Possible Causes:

• Poor print quality
• Damaged QR code
• Camera focus issues
• Low lighting

Solution:

• Try better lighting
• Clean camera lens
• Use a different QR scanner app
• Manually enter the verification URL

Verification page won't load

Possible Causes:

• No internet connection
• Server maintenance
• Browser issues

Solution:

• Check your internet connection
• Try a different browser
• Wait a few minutes and retry
• Contact SignNXT support if persistent

Legal Validity

Certificate as Evidence

Legal Standing:

• Certificates serve as legal proof of completion
• Tamper-proof verification adds credibility
• Audit trail supports authenticity
• Admissible in legal proceedings

What It Proves:

• Document was signed by all parties
• Signatures were completed on specific dates
• Document has not been tampered with
• Complete chain of custody

Compliance

Standards Met:

• ESIGN Act (US)
• UETA (US)
• eIDAS (EU)
• Electronic signatures legally binding

Audit Requirements:

• SOC 2: Tamper-evident records
• ISO 27001: Document integrity
• GDPR: Data authenticity
• HIPAA: Audit trail (if applicable)

Frequently Asked Questions

Do I need a SignNXT account to verify?

No, certificate verification is completely public and requires no login or account.

Can I verify a certificate offline?

No, verification requires an internet connection to check the certificate against SignNXT's database.

How long are certificates valid?

Certificates remain valid indefinitely as long as the document exists in SignNXT. Even if the workspace is deleted, verification records are preserved.

Can a certificate be faked?

It's extremely difficult to fake a SignNXT certificate due to the cryptographic hash. Any modification will cause verification to fail.

What if the QR code is damaged?

You can manually enter the verification URL and document ID. The URL is printed below the QR code on the certificate.

Can I verify old certificates?

Yes, certificates can be verified at any time, even years after generation. Verification records are retained indefinitely.

What if verification fails?

If verification fails, do not trust the certificate. Contact the issuer immediately to request a new, authentic certificate.

Is verification logged?

Yes, verification attempts are logged for security purposes, but no personal information is collected from verifiers.

---

Related Articles