Verification policy

A certificate verified through Aitoware Cert proves that the named issuer recorded the certificate in this registry at the date shown, with the data shown, and has not since revoked it. The verification page is the authoritative source — a downloaded or printed PDF is a copy of that record, not the record itself.

• It does not validate the underlying course content or accreditation status.
• It does not confirm the holder's identity beyond the recipient name supplied by the issuer.
• It does not bind the issuer to deliver future content or services.

Every certificate carries a unique credential ID (for example AITO-INNOV-2026-K7P3Q9) and a QR code printed on the PDF. Scanning the QR code or visiting /verify/{credentialId} resolves the credential against the live registry and shows one of:

• Valid — the certificate exists, has not expired, and has not been revoked.
• Expired — the certificate had a validity period that has ended.
• Revoked — the issuer has invalidated the certificate.
• Not found — no record exists for that credential ID.

Issuers may revoke certificates that were issued in error, contained incorrect data, or should otherwise no longer be treated as valid. Revoked certificates remain in the registry — the verification page displays the revoked status clearly and includes the issuer's stated reason where provided.

A revocation is final once recorded. Corrections are issued as new certificates.

If you believe a certificate is fraudulent, falsified, or being misrepresented, contact the issuer using the contact information on their /i/{issuer} profile page. If the certificate is not in the registry, the verification page returns "not found" — treat that certificate as unverified.

Public verification pages show the recipient's display name, the course name, the issuer, the issue date, and the certificate ID. They never expose recipient email addresses, internal notes, or administrative metadata.

Issuers may mark individual certificates as private. Private certificates can still be verified by ID, but the recipient's name and the PDF download are hidden from the public credential page.