Humanproof transparency
A credit score for your skills is only useful if you can see how it is computed, who can question it, and what the operator is bound not to do. This page is the answer. It is intentionally specific and intentionally permanent.
Minimum disclosure
Every share is selective. Default is the score and credentialing metadata only. Evidence detail is added only by your explicit per-share choice.
No auxiliary tracking
Identity artifacts (passport scans, biometric templates, government IDs) are never persisted by Humanproof. Aggregate or individual subject data is never sold.
Single verification
Identity-verify once. Routine score consumption by employers or AI agents does not retrigger verification. Step-up only on dispute or compromise.
What a third party can verify without our permission.
1
The Humanproof scoring engine is published under the Apache License 2.0. Anyone with the source and a worker's evidence inputs can re-derive that worker's score and reproduce the trace. There is no proprietary scoring step.
2
Each engine version ships as a deterministic artifact identified by SHA-256 content hash. A verifier suspecting a tampered runtime can rebuild from the source tag, compute the binary hash, and compare. The expected hash is published with the release.
3
Every score is a W3C Verifiable Credential in JSON-LD form, signed by a key whose public half lives at /.well-known/humanproof-score-vc-public-key.json. The credential carries subject, engine version, binary hash, timestamp, and an evidence-trace digest. Verifiers can check the signature against the published key or use the hosted /api/v1/score-vc/verify endpoint.
4
The W3C VC standard supports holder-side selective disclosure. A worker can present a derived credential containing only specific claims, such as 'proficiency advanced for React', without revealing the full evidence trace. Disclosure is the worker's choice, not the issuer's.
The rules above the engine.
Humanproof Premium will never improve a worker's Score. Premium is presentation and an outreach channel only. The moment a worker can pay for a better score, the score loses meaning.
Employer outcome reports are private to Humanproof's analytics corpus. Aggregate or individual employer feedback is not exposed to other workers or other employers.
We will not sell aggregate or individual subject data to data brokers. This commitment is structural, encoded as a non-modifiable clause in the privacy policy.
Cached views of a Score that already exist in third-party systems are not under our control. Revocation invalidates the authoritative form of the credential; we cannot reach into a verifier's screenshot or stored copy. We disclose this rather than promise totality.
Employer-facing surfaces always include decision-support framing. A Humanproof Score helps prioritize review. It does not make hiring decisions.
A third party who receives a Humanproof Score VC and wants to verify it executes the following sequence.
1
Extract the engine version, binary hash, and signature from the Score VC.
2
Check the signature against Humanproof's published signing key. Mismatch means the credential was modified after issuance.
3
Rebuild the engine from the source tag matching the binary hash, compute the artifact hash locally, and confirm reproducibility.
4
RoadmapFetch the engine version's OpenTimestamps anchor and confirm the timestamp predates the credential. This proves the engine existed before it issued the score.
5
RoadmapRequest the evidence trace from the subject. The subject controls this disclosure. Re-derive the score locally against the published engine.
Try it now
Paste a Humanproof Score VC and have the signature, issuer, and revocation status checked. The verifier is public and never persists the credential.
Coming online as the v1 surfaces mature.
Quarterly transparency report: dispute volume, evidence revocations, review SLA compliance, sub-processor changes, security incidents, and any government data requests received.
Public skill-record changelog at standard.humanproof.io/changelog. Every addition, modification, and deprecation in the Humanproof Skill Standard, with public reasoning.
Quarterly Standards Report at humanproof.io/transparency/standards. How HSS evolved that quarter, including community proposals accepted and rejected.
Sub-processor list. Every external service in the data path, updated as the list changes. Workers are notified by email before any new sub-processor is added.
Security disclosures, scoring concerns, and standards proposals are all reviewed by humans. We respond within 48 hours and resolve most cases within seven days.
Last updated May 2026. This page is normative. Conformant operators of the Humanproof Skill Standard must satisfy the properties above or document publicly where and why they do not.