What does Vashix actually prove about a photo?

Vashix proves four things: WHO took the photo (device identity), WHERE it was taken (GPS, verified against spoofing), WHEN it was taken (timestamp sealed at capture), and that it has NOT been edited after capture (hardware signature breaks if any pixel changes). It does NOT verify what is in the photo — a fraudster can take a genuine photo of pre-existing damage. Photo verification addresses evidence integrity. Claim validation still requires human judgment.

Can someone screenshot the capture screen and submit that instead?

No. Vashix does not accept uploads or screenshots. The link opens a live camera. The photo must be taken in real time through the Vashix capture flow. If someone points their camera at a screen showing an existing photo, our liveness detection (motion analysis and optical flow) catches it.

What if our field teams already use WhatsApp for photos?

WhatsApp strips all verification data — GPS, timestamps, device info, and provenance signatures — when sending photos. A WhatsApp photo scores 4/100 on the Trust Score. With Vashix, you send a WhatsApp message containing a capture link. The user taps the link, takes the photo through Vashix, and you get a verified result. Same delivery channel (WhatsApp), completely different proof level.

Does the person need to download an app?

Not for basic captures. They open the link in their phone's browser and take the photo (BRONZE tier, score 25-38). For stronger verification (SILVER/GOLD, score 60-95), the Vashix app is required — it's under 15MB and installs quickly on most connections. You choose the minimum tier per workflow.

Can AI-generated images be submitted through Vashix?

For SILVER and GOLD captures — no. The photo must be taken in real time through the device camera, signed by the phone's hardware security chip. There is no upload path for AI-generated images. AI images have no hardware origin and are rejected. For BRONZE (browser) captures, our multi-signal detection checks for AI indicators, but the score reflects the lower verification level.

What if the phone is rooted or modified?

Vashix checks device integrity using Google's Play Integrity API before every capture. Rooted phones, modified operating systems, virtual camera apps, and emulators fail this check. The capture is either blocked or automatically scored lower and flagged for review.

Is this admissible as evidence in Indian courts?

Vashix generates certificates designed to support Section 63 of the Bharatiya Sakshya Adhiniyam, 2023 (BSA) — the current law governing electronic evidence admissibility in India. Every capture includes a cryptographic chain of custody. PDF/A exports are available for legal proceedings. Admissibility in a specific case is always determined by the court, but the certificate ensures the evidence meets the technical requirements of Section 63(4).

Where is the data stored?

All data is processed and stored in Mumbai, India. No capture, no GPS coordinate, no device identifier ever touches a server outside India. Designed for DPDP Rules 2025 data residency requirements.

BRONZE browser capture works on iOS Safari. The Vashix app is currently Android-only — covering 95%+ of field devices in India. iOS SDK is on our roadmap.

How long does it take to start?

Dashboard and WhatsApp delivery: 5 minutes, zero code. REST API integration: your developer is making API calls in under 30 minutes. Android SDK embed in your own app: typically 4-8 weeks including testing.

We already use Truepic / Attestiv. Why switch?

Truepic and Attestiv are excellent products built for the US market. Vashix is purpose-built for Indian enterprise — with native Section 63 BSA certificate generation, DPDP compliance, WhatsApp delivery, and INR pricing designed for India-scale volumes.

Does Vashix work without internet?

The app captures and signs photos locally on the device. When connectivity returns, photos sync to the server. The anti-replay nonce requires a brief server check before capture begins, but the actual signing and storage happen on-device.

Does this work on older Android phones?

Yes. BRONZE and SILVER captures work on Android 8.0 and above — which covers virtually all phones currently in use in India. GOLD requires dedicated security hardware, available on most phones from 2020 onwards.

How long does SDK integration take if we want it in our own app?

Dashboard and API require zero integration — you can start in 5 minutes. REST API integration takes your developer under 30 minutes with our pre-built examples. SDK integration into your existing Android app typically takes 4-8 weeks including testing and security review.

Product26 March 20268 min read

Trust Score Explained: How Vashix Rates Photo Integrity from 0 to 100

A deep dive into the deterministic 0–100 scoring system that powers every Vashix verification — the five signals, four tiers, fraud penalties, and why we chose math over AI.

When a photo arrives in your claims system or inspection dashboard, the first question is always the same: can I trust this? Is it a genuine capture from a real device at the right location and time? Or is it recycled, edited, spoofed, or generated by AI?

The Vashix Trust Score answers that question with a single number between 0 and 100. No ambiguity, no subjective review — a deterministic score computed from verifiable cryptographic and sensor signals. This article explains exactly how it works, what goes into the calculation, and what the score tiers mean for your verification workflows.

What Is the Trust Score?

The Trust Score is a number from 0 to 100 assigned to every photo captured through the Vashix system. It's computed deterministically — the same inputs always produce the same score. There's no machine learning model making probabilistic guesses. The score is the sum of verified signals minus fraud penalties.

The score answers five questions about the photo:

Was it signed by real hardware? — Did the photo's signature come from a verified TEE or StrongBox chip, validated against Google's Hardware Attestation Root CA?
Was the GPS trustworthy? — Is the location accurate, and was mock GPS detection active at the time of capture?
Was it captured fresh? — Does it have a valid server-issued nonce, proving it wasn't a replay of an older capture?
Was the device moving naturally? — Does the IMU (accelerometer + gyroscope) data show natural hand tremor, not a phone mounted on a tripod or a sensor replay?
Is it bound to a workflow? — Is the photo tied to a specific claim, session, or inspection assignment?

The Scoring Formula

The Trust Score starts at 0 and adds points for each verified signal. The maximum possible score is 100.

Signal	Max Points	How It's Verified
Hardware Attestation	40	Certificate chain validated against Google Hardware Attestation Root CA. StrongBox gets full 40, TEE gets 30, software-only gets 15.
GPS Verification	20	Accuracy-based scoring. High-precision GPS with mock location detection active scores highest. Web uploads are capped at 4 points.
Nonce Freshness	15	Server issues a cryptographic nonce before each capture. The capture must include this nonce to prove it was taken within the allowed time window (120 seconds).
Motion / IMU Seal	15	Accelerometer and gyroscope data must show natural hand movement. A 3-frame hash sequence (before, during, after shutter) proves the device was in motion and the sensor data is consistent.
Workflow Binding	10	Photo is bound to a specific session, claim ID, or inspection assignment. Prevents orphaned captures that could be attributed to any claim.

Important: The score can also go down from fraud penalties. If the system detects that a photo is an exact duplicate of a previous submission, 40 points are deducted. Failed liveness checks deduct 20 points. Invalid watermarks deduct 15. These penalties apply on top of whatever positive score the signals earned.

The Four Tiers

The raw 0-100 score maps to four tiers. These tiers determine how your organization should treat the photo in your workflow:

90–100 GOLD

StrongBox hardware chip. Highest security level. Full chain of custody from capture to server. Suitable for auto-approval in high-value claims.

60–89 SILVER

TEE (ARM TrustZone) hardware signing. GPS and IMU verified. Suitable for standard field claims and inspections.

25–50 BRONZE

Software-only signing or browser-based capture. Limited verification. Flag for manual review. Not recommended for high-value disputes.

0–15 NOT VERIFIED

Web uploads, WhatsApp-forwarded photos, or AI-generated images. No hardware attestation, no provenance. Investigate or reject.

Why Deterministic, Not AI?

A common question: why not use machine learning to determine if a photo is genuine?

The answer is auditability. An ML model produces a confidence score based on learned patterns — but you can't explain exactly why it gave 87% instead of 92%. When you're making decisions about insurance claim payouts, legal evidence, or regulatory compliance, you need to be able to point to the exact signals that justify the score.

The Vashix Trust Score is fully decomposable. For any score, you can see: "This photo scored 84 because it received 30/40 for TEE attestation, 18/20 for GPS accuracy, 15/15 for nonce freshness, 11/15 for motion seal, and 10/10 for workflow binding." No black box. Every point is traceable to a verifiable signal.

This doesn't mean ML has no role. Server-side fraud detection uses pattern analysis for duplicate detection and geo-anomaly flagging. But the core Trust Score — the number your team acts on — is deterministic and explainable.

Why Web Uploads Can Never Score Above 38

Browsers have no access to hardware security chips, no IMU sensor data, and GPS can be spoofed in seconds via developer tools. Without hardware attestation (40 points gone), without real IMU motion seal (15 points gone), and with GPS capped at 4 points, the maximum theoretical score for a web upload is 38/100.

This ceiling is intentional and permanent. It's not a limitation we plan to "fix" — it reflects the fundamental security difference between a browser and a hardware-attested mobile device. Web uploads are useful for basic analysis (EXIF parsing, duplicate detection, AI content checks), but they can never reach the verified threshold.

Setting Your Own Thresholds

Different workflows have different risk tolerances. A routine property inspection might accept SILVER (60+) captures. A high-value motor insurance claim might require GOLD (90+). A quick delivery proof might accept BRONZE if the amount is low.

Vashix lets you set minimum tier requirements per session. When creating a capture session, you specify the minimum acceptable tier. If a capture comes in below that threshold, the dashboard flags it for review rather than auto-accepting.

What the Score Doesn't Tell You

The Trust Score verifies evidence integrity — that the photo was taken on a real device, at a real location, at a specific time, and hasn't been modified. It does not verify the content of the photo. A GOLD-scored photo proves that a specific device captured a specific scene at a specific location and time. It doesn't prove that the damage in the photo is new, or that the property in the photo is the right one.

Photo verification addresses the evidence chain. Claim validation still requires human judgment. The Trust Score removes the evidence manipulation problem so your team can focus on the business decision.

Want to see capture-time verification in action?

Learn how Vashix helps insurers prevent photo fraud at the point of capture.

Talk to Us Read the Docs

← All Articles