Someone pays you.
Only then can they review you.
That one rule fixes most of what’s broken. A stranger who was never your customer has nothing to attach a review to. And when a real customer is unhappy, it reaches you privately first — you get 30 days to make it right before anyone else reads it. After that it seals permanently, and nobody can quietly edit history. Not them. Not you. Not us.
Review #4471 · private
● Day 822 days left to resolve — only you can see this
Verified customer · Tier A
Card payment + booking + counter tapSigned at submission
Sealed on day 30 — nobody can edit itStart to finish.
Five steps. Your customer does nothing unusual, and neither do you — the proof gets collected while you’re just doing the job.
You serve the customer
While they pay, book or check out, Authyr quietly picks up whatever proof your setup already produces — the card payment, the booking, a tap at the counter. Nobody changes how they work.
We confirm it was real
Those signals get cross-checked. Two that agree makes it verified; three makes it our strongest tier. The result is signed, so anyone can confirm it later without taking our word for it.
They get one invitation
A text or email that references the actual visit — “your appointment yesterday with Smith Law.” One invitation per visit. No spamming, no repeat asks.
You get 30 private days
A 4 or 5 star review can be shared publicly right away. Anything lower goes private first — only you and the reviewer see it. Refund, redo, apologise, explain. You just can’t edit or delete it.
It seals, permanently
However it reads on day 30 becomes the public record, cryptographically sealed. A badge shows what happened — resolved, unresolved, or no response. That badge is why people believe the good ones.
Seven ways to prove someone was really there.
No single one is enough — that’s deliberate. Two independent signals make a review verified; three make it Tier A. Notably, none of them use your customer’s live phone location, which matters both for privacy and for patent reasons.
The card payment
Stripe, Square, Toast or Clover confirms the card was used at your business at a known time. Read straight from the processor — never from the customer’s phone.
A photo of the receipt
The customer snaps their receipt. The timestamp, the image data and the business name read off the receipt all have to agree. Taken after the fact, never live tracking.
A tap at the counter
A small NFC or QR token on your counter or table. Tapping it proves someone was physically in front of it at a specific moment — a completely different kind of evidence from phone GPS.
A one-time code on the receipt
Your receipt prints a single-use signed code. It works exactly once to open a verified review. No tracking of any kind — just cryptography.
The booking record
Your calendar system — Calendly, Acuity, Clio, Dentrix — confirms the appointment was booked and kept. You’re already collecting this.
Photos that agree with each other
Several photos whose timestamps and details line up into a coherent story. Optional, customer-initiated, and it hardens the record further.
Another customer saw them
A second verified customer who was there at the same time corroborates the first. This one gets stronger as more businesses join — you’d have to compromise the whole network to fake it.
The 30 days, day by day.
This is the part no other review platform has: a real chance to fix the problem before the whole world is reading about it. You can resolve it. You cannot bury it.
The review arrives — privately
Verification passes and the review lands. You get an immediate notification with the full text and the customer’s contact details. The public sees nothing at all.
Your window to make it right
Talk to them in the platform — that thread is kept forever as part of the record — or just pick up the phone. Refund, redo, comp it, or simply apologise properly. If they choose to update or withdraw the review, they can. You can’t do it for them.
It seals
However it reads at that moment becomes public and permanent. No deleting it, no revising it. The signed record travels — any platform that wants to check it, can.
A badge, permanently attached
“Resolved within window,” “Issue unresolved per reviewer,” or “Owner did not respond.” It follows the review everywhere it appears. Resolved reads extremely well. No response reads exactly as badly as it should.
Fixing it is worth more than hiding it.
When a customer updates their review after you sort the problem out, the public record shows the whole journey — ★ → ★★★★★ · Resolved within window — with both versions signed and checkable.
Your rating reflects the final number — a 1★ you turned into a 5★ counts as 5★.
The resolved text is what search engines index. The original complaint stays in the signed record, verifiable by anyone, but it isn’t the headline.
You don’t bury the complaint — you prove the recovery.
Unresolved reviews never change. The complaint stands as the public record, exactly as it should.
Submit once. It’s everywhere you own.
There’s one signed record, and every surface you control is a live view of it. The moment a review seals, it’s already on all of them. No posting, no syncing, no copy-paste.
Automatic — everything you own
Your website widget, your Authyr profile, your badge and your rating all update the instant a review seals, because they’re views of the same record. Link your Google Business Profile and you can read and reply to those reviews from here too.
One tap — Google, Yelp & Facebook
Nobody can auto-post to those platforms; there’s no API for it and faking a submission breaks their rules and the FTC’s. So every verified customer gets a one-tap prompt to post it themselves, from their own account — offered to all of them, never filtered by rating.
How strong is the proof? We tell you.
Every review carries its tier, and the tier travels with it. Anyone can check the signature themselves — you don’t have to trust us, and neither do they.
| Tier | What it took | Typically used by | What it means |
|---|---|---|---|
| A | 3+ independent signals | Legal, medical, financial — the highest-stakes work | Three separate witnesses to the same visit, cryptographically anchored. |
| B | 2 independent signals | Home services, auto, beauty, vet — most businesses | Two independent witnesses. Meaningfully harder to fake than anything else out there. |
| C | 1 signal | High-volume, lower-ticket businesses | One witness. Weaker — but still better than the industry default. |
| D | Nothing — self-declared | What every other review platform produces | Anyone can post anything. Shown here only for contrast. |
Built deliberately around the prior art.
Three existing patents and standards shaped this architecture. Designing around them wasn’t a workaround — it produced a structurally better system.
Chen US 9,842,340
Phone location at submission
Granted Dec 2017. Covers using device location services to verify a reviewer was present when they submitted. Every one of our seven signals works after the fact instead, and none read live device telemetry.
C2PA · Content Credentials
Provenance for media
The Adobe-led capture-time provenance standard. Authyr sits above it rather than beside it — our receipts can carry a C2PA manifest as a sub-record, so the two work together instead of overlapping.
Owner-delete patterns
Platforms that let owners suppress
Several existing patents and platform features let owners hide reviews. Our window is structurally different: the only power you get is to fix the underlying problem. The record itself is immutable from submission onward. Covered by PPA #7.
What we will never claim.
Reputation tools routinely promise things they can’t deliver. If our marketing isn’t technically defensible we deserve to get torn apart in a sales call — so here it is in writing.
Things we don’t say
- “We auto-post your reviews to Google, Yelp or Facebook”
- “Google reads our verification data”
- “Verified presence is baked into the review submission”
- “Business owners can delete bad reviews”
- “AI-generated content will be removed”
What we actually do
- Verify the customer with multiple independent signals at the time of service
- Hold the review privately for 30 days while you work it out with them
- Publish an immutable record afterwards with a badge showing what happened
Own the proof.
Stop sending customers somewhere else to decide whether you’re worth calling.