Can fake reviews still exist in VeriBureau?

The system is structurally resistant to fake reviews. Every review requires cryptographic proof of a real transaction. The economic cost of fraud is orders of magnitude higher than in traditional platforms.

THE PROTOCOL

How It Works: Seven Steps From Transaction to Proof

By VeriBureau Research·Updated March 2026·2 min read

Understanding the landscape

Step 1: A transaction occurs between a business and a customer. Step 2: The business generates a Proof Token via API call (POST /api/v1/tokens) or through the dashboard with one click. The token contains a cryptographic hash of the business ID, a transaction reference, and a timestamp. Step 3: The customer receives a review link containing the Proof Token — via email, QR code, or embedded in the business's own communication.

VeriBureau is not complicated. It is rigorous. Here is the complete verification flow, described plainly.

The data

Step 4: The customer visits the review page, selects a score (1–5), writes optional feedback, and provides an email for identity verification. The email is hashed (SHA-256) and stored only as a hash — the plain text email is never retained. Step 5: The review is cryptographically bound to the Proof Token. Transaction proof and review content are permanently linked. Step 6: The review is hashed and added to the audit chain (Merkle tree). The business's Trust Score recalculates, weighted by this reviewer's protocol-wide history.

Data references: FTC, World Economic Forum, Harvard Business School, platform transparency reports.

The VeriBureau approach

Step 7: Everything is independently verifiable. The Proof Token validity, the review hash, the Merkle proof, the Trust Score computation — all queryable via the public API. No account required. No trust in VeriBureau required. The API endpoint GET /api/v1/audit/verify returns the current chain integrity status. GET /api/v1/businesses/{slug} returns the business profile with Trust Score. The OpenAPI specification is published at /docs.

// Verification flow

Transaction → POST /api/v1/tokens → Proof Token → Review → SHA-256 → Merkle Tree → Audit Chain

// Public verification: GET /api/v1/audit/verify

Limitations and honest disclosure

The flow depends on business participation to generate Proof Tokens. Businesses that do not generate tokens will not receive reviews — there is no way to review a business that has not opted in. This is by design (consent-based architecture) but limits coverage compared to open platforms where anyone can review any business.

Frequently asked

Is VeriBureau free?

Yes. During the founding period, all features are free with no limits. Future pricing will be per-token, not subscription — announced with advance notice.

Is VeriBureau immune to fake reviews?

No system is immune. VeriBureau raises the cost of fake reviews significantly by requiring cryptographic proof of transaction, but a business could theoretically generate tokens for fictitious transactions. We mitigate this through pattern analysis and the public audit chain, and we are transparent about this limitation.

How long does integration take?

Dashboard registration takes 2 minutes. API integration depends on your stack — most developers complete it in under an hour. No-code options (email invitations, QR codes) work immediately.

The protocol is open

Try the flow yourself. The demo requires no registration.

Examine the protocol How it works

CONTINUE READING

ARCHITECTURE

Proof Token: How a Review Becomes Provable

A Proof Token links a review to a real transaction using cryptographic hashing. Here is what it is, how it works, and what it does not solve.

ARCHITECTURE

The Audit Chain: Permanent, Tamper-Evident, Open

SHA-256 hashing, Merkle trees, cryptographic chaining. Every event is permanent and tamper-evident. Anyone can verify. Here is how.

STANDARD

What It Means for a Review to Be Verified

A verified review is cryptographically tied to a real transaction. Not a label. A provable fact. Here is how the VeriBureau protocol works.