We can produce PCA Trust Statements for any supplier, manufacturer and industry that wants to build trust in their process, product or service marketing. PCA Trust Statements are unique and the most secure form of statement.
PCA Trust Statements are highly secure, cryptographic proofs of document integrity and authenticity. And, the encryption keys are mapped to deep, historical social media identities in a publicly auditable manner. Even the public key is hashed into a blockchain.
Being verified on a decentralised, blockchain network with thousands of nodes, there is no risk that a central server database could be hacked and forked – no central point of failure (e.g. the Twitter and other recent hacks). Important for cyber security.
To further understand how we bring blockchain technology and digital encryption together, here is an example of a PCA Trust Statement. These can be produced for a client who wants to further build trust, by making a publicly verifiable statement about their process, product or service.
To show how such a statement is designed, in this example, we are referencing three PDF presentation files created by PCA. The unique digital signatures of each of these PDF files have been encoded on a public blockchain (Stellar). The Memo (Text) field of the blockchain transaction shows the last 28 characters of the unique Google cloud link to the digital signature.
Here is the link to this example of a PCA Trust Statement.
From the PCA Trust Statement file, it is possible to click the link to the Stellar blockchain explorer, https://stellar.expert/explorer/public.
Then, copy / paste one of the Blockchain Transaction IDs into the Search box (top right), press Enter key. This will find the unique Transaction ID, where you can see the details of the transaction, including the Google cloud link code in the Memo (Text) field.
Since the PCA Trust Statement has been digitally signed by PCA as being a correct statement, assurance is provided that these reports were, in fact, prepared for the client by PCA.
The contents of the reports are not revealed at this stage (they may contain confidential information), only the partial links to the digital signatures, not the full Google links. If the client wants, we can add to the Trust Statement the full links to the digital signatures of each report.
If the client wants further visibility for marketing purposes, we can add the company name of the client in the Memo (Text) field.
If the reports do not contain confidential information and the client wants further transparency, we can add to the PCA Trust Statement the Google cloud links to the original reports themselves.
Scan the QR code above into a smartphone or other QR code reader. Verify the resulting digital signature by copying all it’s text, including the Begin / End PGP dashed lines, here: https://keybase.io/verify
When smartphones read the QR code, they also can open the website link embedded in the code. This can introduce a line break after the first Comment: (after –BEGIN PGP MESSAGE–). If this happens, it will interfere with verification by breaking the PGP armor and produce an error. A remedy is to delete the line break (or, first Comment: statement) and resubmit the code to verification.
Once verified, it will reveal the unique SHA-256 checksum of the PCA Trust Statement PDF file: 98a8e5842044d8e32ab04c46684b0366db49506bf601e9b188bc50e375130c8e
You can verify the SHA-256 checksum of your copy of the PCA presentation file by running the Windows certUtil utility from a Windows command prompt on your computer (certUtil -hashfile pathToFileToCheck SHA256).
To cryptographically prove the integrity and authenticity of the statements contained in the PCA Trust Statement file, it has been checksummed (using the SHA-256 algorithm) and the checksum digitally signed by PCA using an unique PGP key. The PGP key used for signing this PCA Trust Statement file is currently the unique PGP key of the Founder of PCA. This key uses RSA 4096-bit encryption and is extremely secure. The key and its revocation certificates are securely managed.
Similarly, the blockchain (Stellar) used to store the public statements applies industry standard cryptography and is extremely difficult to attack (it is, after all, used for storing and transferring money). It is used by IBM and others. However, PCA is not restricted to using Stellar. Other blockchains can be used too.
The PCA reports produced by PCA for the client are based on relevant data provided to PCA by the client. The accuracy of this data is the responsibility of the client, not PCA. And, the client is aware that customers and government agencies could verify the accuracy of this data with the client.