Is DAPI a biometric database?

No. DAPI is not a biometric database and does not create, maintain, or operate any public
identity registry. The fundamental design principle is to generate verifiable forensic evidence while
minimizing data exposure and unnecessary retention. It provides no APIs, no integrations and no banking services.

DAPI does not store searchable biometric templates, facial recognition profiles, or voice prints.
The certification process generates SHA-256 hashes (digital fingerprints) of your files, but these
hashes cannot be reverse-engineered to reconstruct your original biometric data.

After certification delivery and the secure deletion protocol (48 hours for workstation files,
30 days for email communications), only non-reversible cryptographic hashes, timestamp certificates,
and basic metadata remain in DAPI’s records—not your biometric files in any form.

Is my DAPI certification public or searchable online?

No. DAPI is private by design. No public profile is created, no information is indexed
by search engines, and nothing about your certification is made searchable or visible online.

This privacy-first approach is fundamentally different from public verification platforms or identity
registries that create searchable profiles or verification badges. DAPI provides forensic evidence
without exposure—the certification exists to strengthen your defensive position when needed,
not to publish your identity online.

The only public-facing element is the timestamp verification tool, which allows independent verification
that your timestamp certificate was issued by a qualified provider and has not been tampered with.
This verification process does not reveal any personal information—it only confirms the mathematical
validity of the timestamp itself.

Are my files stored after certification?

DAPI is designed with strict data minimization principles. Your biometric files are used to produce
the certification package and are not kept longer than necessary for delivery and
quality verification.

Deletion timeline:

• Workstation files: Your identity files are permanently deleted from the certification
  workstation within 48 hours using 7-pass DoD 5220.22-M overwrite standard, making recovery impossible.
• Email communications: Emails containing your files are deleted from mail servers
  within 30 days after certification delivery.
• Deletion confirmation: You receive written confirmation that the deletion protocol
  has been completed, with timestamp logging for verification.

This approach ensures that DAPI can provide ongoing verification support if needed (for example, if a
court requests authentication of your certificate years later), while your actual biometric files do not
remain in any recoverable form after the deletion protocol is completed.

Is DAPI an automated or AI-based service?

No. DAPI is a manual, expert-supervised certification process. It is not an automated
platform, it does not use AI-based identity validation, and it does not rely on algorithmic processing
of your biometric data.

Why manual processing matters:

• Quality control: Human expert review catches issues that automated systems miss
  (file corruption, inconsistencies, quality problems).
• Legitimacy verification: Personal assessment helps identify and prevent fraudulent
  certification requests or misuse attempts.
• Legal robustness: Expert supervision and declaration strengthen evidentiary value
  compared to automated certifications that lack human oversight.
• Privacy protection: Manual processing on encrypted offline workstations provides
  stronger security than cloud-based automated platforms.

This controlled, expert-supervised approach is slower and more labor-intensive than automated services,
but it provides significantly higher quality and legal reliability for the certification package.

Is the certification legally usable?

Yes. DAPI is specifically designed to produce a legally-oriented evidence package
that can support disputes, reporting workflows, and legal actions. The certification uses forensic
standards recognized in legal proceedings.

Legal components of DAPI certification:

• Cryptographic hashes (SHA-256): Industry-standard digital fingerprints that
  prove file integrity with mathematical certainty.
• Qualified timestamps (eIDAS-compliant): RFC 3161 timestamps from qualified
  providers recognized across EU jurisdictions and increasingly accepted internationally.
• Forensic methodology (ISO/IEC 27037): Industry-standard digital evidence
  handling procedures that meet technical requirements for admissibility.
• Chain of custody documentation: Complete record of what was received, processed,
  and delivered, allowing third-party verification of the certification process.
• Expert declaration: Signed statement from forensic expert with credentials,
  methodology explanation, and professional attestation.

Can DAPI help with deepfakes or impersonation?

Yes. DAPI does not prevent deepfakes or impersonation from occurring, but it provides
verifiable proof of integrity and anteriority that can significantly support your defensive position
when misuse happens.

How DAPI addresses deepfake and impersonation abuse:

• Establishes authentic baseline: Your certified photos, voice recordings, and
  identity documents serve as the verified reference for comparison with fake content.
• Proves temporal anteriority: The qualified timestamp demonstrates that your
  authentic materials existed before the fake content appeared—critical for disputes
  where “who copied whom” is contested.
• Enables forensic comparison: Technical experts can analyze differences between
  your certified authentic materials and disputed deepfake content to identify AI-generated artifacts,
  manipulation traces, or synthetic patterns.
• Strengthens platform reports: Providing cryptographically certified proof of your
  authentic identity significantly accelerates platform takedown response compared to unverified claims.
• Supports legal action: The certification package provides structured evidence
  for criminal complaints, civil proceedings, GDPR enforcement, and cease-and-desist letters.

Can DAPI be used for takedown requests?

Yes. The DAPI certification package can be attached to takedown requests and abuse
reports as structured supporting evidence. While it does not guarantee content removal (platforms
have discretion in moderation decisions), it strengthens your position decisively with verifiable proof.

How to use DAPI for platform takedowns:

• Identify the violation: Fake profile, unauthorized image use, impersonation,
  deepfake video, voice cloning, or other identity abuse.
• File platform report: Use the platform’s official abuse reporting mechanism
  (Instagram, Facebook, LinkedIn, TikTok, Twitter/X, etc.).
• Attach DAPI certificate: Include your certificate PDF as supporting evidence
  showing cryptographically certified proof of authentic identity.
• Reference in report text: State clearly: “Certified proof of authentic identity
  attached (DAPI-[your code]). Certificate includes SHA-256 hashes and qualified timestamp.”
• Provide originals if requested: If the platform asks for additional verification,
  supply your original files so they can verify the hashes match.

For GDPR-based takedown requests (right to erasure under Article 17), the DAPI certificate serves as
strong proof that you are the legitimate data subject, eliminating platforms’ common excuse that they
“cannot verify your identity.”

What files are required for DAPI certification?

DAPI certification is based on four identity-related files that establish your authentic biometric
and documentary baseline. These files create a comprehensive forensic reference point for your identity.

Required files (standard DAPI package):

• Identity Document (required): Valid government-issued ID—passport, national ID
  card, or driver’s license. Must be current and unexpired. PDF or high-quality JPG format.
  This file is private and used only for certification—it will never be published.
• Facial Photograph (required): Front-facing photo establishing your authentic
  appearance. Frontal pose, natural lighting, no sunglasses or obstructions, neutral background
  preferred, minimum 1280x720px resolution.
• Voice Recording (required): 30-60 second audio sample certifying your authentic
  voice characteristics. You will be provided with standard text to read. Clear audio quality
  (MP3 or WAV format), recorded in quiet environment without background noise.
• Verification Video (optional but strongly recommended): 10-15 second video
  for enhanced authentication. Looking at camera with face centered, gentle lateral head movement
  (left/right), MP4 format. This provides the strongest proof against deepfake manipulation.

You will receive detailed technical specifications and clear instructions before file submission.
If you have questions about file preparation, DAPI support will guide you through the process during
the secure communication phase.

Who should use DAPI?

DAPI is designed for anyone who wants legally-oriented identity proof before misuse happens.
The service is particularly valuable for individuals whose identity exposure creates higher risk
of impersonation, deepfakes, or abuse.

Primary user categories:

• Public figures & professionals: Politicians, journalists, media personalities,
  and anyone with public visibility vulnerable to reputation attacks timed for maximum damage.
• Executives & business leaders: CEOs, directors, and decision-makers at risk
  of voice cloning for business email compromise (BEC) attacks, CEO fraud, or fake authorization scams.
• Content creators & influencers: YouTubers, streamers, social media personalities
  whose likeness and voice are valuable targets for fake endorsements or impersonation scams.
• Private individuals with safety concerns: Anyone experiencing harassment,
  stalking, or threats who wants defensive proof ready before escalation occurs.
• Families protecting minors: Parents seeking to protect children against
  AI-generated explicit content, grooming via fake identity, or custody disputes with fabricated evidence.
• Professionals in sensitive fields: Lawyers, medical professionals, academics,
  or others whose professional reputation depends on verified authentic identity.

How long does the certification process take?

Processing time varies depending on current workload and case complexity. DAPI uses manual
expert-supervised certification rather than automated processing, which means quality takes
priority over speed.

Typical timeline (standard processing):

• Day 0: You submit certification request through the website
• Day 1-2: DAPI contacts you via secure private channel with unique DAPI code
  and instructions for file submission
• Day 2-3: You send files via secure channel; expert processes certification
  (hash generation, timestamp application, certificate creation)
• Day 3-4: Certificate package delivered via secure email (PEC for audit trail)
• Day 5: File deletion protocol completed; confirmation sent

After you submit your initial request, you will receive a personalized timeline estimate based on
current workload and your specific case requirements. DAPI maintains direct communication throughout
the process so you always know the current status.

What do I receive after certification?

You receive a complete forensic evidence package designed for immediate use in legal proceedings,
platform disputes, and defensive contexts. The package is professionally formatted and includes
everything needed to prove authenticity and temporal anteriority.

Complete DAPI certification package includes:

• Official DAPI Certificate (PDF, 6 pages): Professionally formatted document
  with DAPI logo, certificate number, your name, certification date, timestamp seal, list of
  certified files with SHA-256 hashes, technical specifications, forensic methodology explanation,
  legal usage guidance, verification instructions, and expert declaration with digital signature.
• SHA-256 Cryptographic Hashes: Unique digital fingerprints for each certified
  file (identity document, photo, voice, video). These hashes allow independent verification
  that your files match the certified originals.
• Qualified Timestamp Certificate: RFC 3161 compliant timestamp from eIDAS-qualified
  provider (.tsr file format). Provides legally recognized temporal proof that can be independently
  verified using public validation tools.
• Technical Documentation: Complete chain of custody report detailing forensic
  standards applied, file handling procedures, hash generation methodology, timestamp application
  process, and verification protocols.
• Legal Usage Guide: Practical instructions for using the certificate in
  platform takedowns, GDPR complaints, criminal reports, civil proceedings, and law enforcement
  collaboration—including specific templates and recommended language.
• Verification Instructions: Step-by-step guidance for independently confirming
  file integrity using the provided hashes, enabling third parties to verify authenticity without
  DAPI’s involvement.

Can the same certification be used for multiple disputes?

Yes. A single DAPI certification can be reused as baseline proof against multiple
abuses involving your identity materials. You do not need separate certifications for each incident—
the same certified baseline remains valid for proving your authentic identity regardless of how many
times it’s misused.

Multiple use scenarios:

• Multiple fake profiles: If someone creates fake accounts on Instagram, Facebook,
  LinkedIn, and dating sites using your photos, one DAPI certificate supports takedown requests
  across all platforms.
• Ongoing impersonation: If impersonation continues over time with new fake accounts
  appearing after previous ones are removed, the same certificate continues to provide proof.
• Different abuse types: The certification can support both platform reports AND
  legal actions simultaneously (for example, Instagram takedown request + police report + civil lawsuit).
• Cross-border disputes: One certificate supports actions in multiple jurisdictions
  (eIDAS timestamps have EU-wide recognition, and SHA-256 hashing is internationally accepted).

Can I update or replace my certified files later?

Yes. If your identity document changes (renewal, new passport) or you want to
refresh your baseline materials due to significant appearance changes, you can request a new certification.
This creates a new verifiable reference point for the updated file set.

When to consider updating your certification:

• Identity document expiration: Your certified ID has expired or been renewed
• Significant appearance changes: Major weight change, facial hair growth/removal,
  cosmetic procedures, aging effects over several years
• Voice changes: Medical conditions, surgical procedures, or aging affecting voice
  characteristics
• Enhanced protection: Original certification didn’t include verification video,
  but you now want maximum deepfake protection

Each certification is independent with its own DAPI code, timestamp, and certificate. Your previous
certification remains valid for its original timeframe—updating creates an additional reference point
rather than invalidating the previous one.

How do I request a DAPI certification?

Starting the certification process is straightforward. Use the dedicated request page to submit
your initial information, and DAPI will guide you through secure next steps.

Certification request process:

• Step 1: Visit the request page and complete the contact form with basic information
  (name, email, brief description of your protection needs)
• Step 2: System generates your unique DAPI code (e.g., DAPI-7F3A9C) and sends
  confirmation email
• Step 3: DAPI contacts you within 24-48 hours from secure private channel with
  detailed instructions for file preparation and submission
• Step 4: You send files via secure channel (specific instructions provided in
  private communication)
• Step 5: Expert processes certification and delivers complete package within
  estimated timeframe

Questions before requesting? If you have specific questions about your situation,
technical requirements, pricing, or the certification process, you can contact DAPI support before
submitting a formal request. All communications are private and confidential.