What AI governance certifications exist?

The HEART AI Foundation issues Heart Verification Credentials (HVCs) — cryptographic credentials that certify scoped deployer governance systems have passed independent governance assessment under the HEART Standard. HVCs come in three tiers based on the BGF score: Gold (Φ ≥ 0.85), Silver (Φ ≥ 0.80), and Bronze (Φ ≥ 0.75).

What is the HVC in AI governance?

An HVC (HEART Verification Credential) is a cryptographic credential issued to scoped deployer governance systems that pass independent governance assessment under the HEART Standard. It certifies compliance across any Division (Emotional Autonomy (HEART-EM), Attentional Integrity, Epistemic Coherence, etc.), creates verifiable audit trails, and can be revoked when the certified scope falls out of compliance.

How do you verify AI governance certification?

HVC certificates are independently verifiable using the HEART Foundation's publicly published root key. Any third party can verify a certificate's authenticity, check its revocation status via OCSP, and confirm the signing key fingerprint — without relying on the issuing organization's word.

HVC (HEART Verification Credential) HEART Standard

An HVC (HEART Verification Credential) is a cryptographic certification credential issued by the HEART AI Foundation for a scoped deployer governance system that has passed independent assessment under the HEART Standard. It is domain-agnostic: the same credential architecture applies across all seven Divisions, from Emotional Autonomy to Ecological Stewardship. The credential creates a tamper-evident audit trail and can be revoked when the certified governance scope falls out of compliance, transforming the Standard from aspirational guidelines into enforceable infrastructure.

How it works

HVC certification requires the scoped governance system to pass independent BGF evaluation before a credential is issued. The BGF score (Φ) determines which of three tiers the scope qualifies for:

Tier	Name	BGF Threshold	Recertification	Guardian oversight
Gold	Highest trust	Φ ≥ 0.85	Annual	Required
Silver	Strong trust	Φ ≥ 0.80	Biennial	Recommended
Bronze	Baseline trust	Φ ≥ 0.75	Annual with progress review	Mandatory

A governance scope below Φ = 0.75 is denied certification and receives a gap analysis instead.

Once issued, the credential is cryptographically signed by the HEART Foundation root authority and contains the holder’s public key, certified scope, certified Divisions, validity window, and revocation endpoint. The credential is independently verifiable: any third party can check authenticity and revocation status against the Foundation’s public registry without relying on the assessed organization’s word.

HVC tiers are domain-agnostic. A Gold certification in Attentional Integrity and a Gold certification in Ecological Stewardship both require Φ >= 0.85. The Divisions being assessed differ. The rigor of assessment does not. An organization can hold HVC credentials across multiple Divisions, each independently assessed and independently revocable. Continuous BGF monitoring runs on a rolling window. If Φ drops below the tier threshold, the certified scope has a grace period to remediate before revocation is initiated.

Why it matters

Before cryptographic certification, AI governance was self-reported. An organization could claim HEART compliance, publish a policy document, and have no independent mechanism to verify the claim. HVCs close that gap the same way TLS certificates close it for web security: the credential is only as good as the issuing authority’s root key, and the root key is public and independently auditable.

The revocation mechanism gives the credential teeth. A certified scope that breaches HEART principles — sustained BGF non-compliance, constitutional violations, evidence of audit log tampering — loses its certification status. The organization is ineligible for reissuance until the failure is remediated and reassessed. This is compliance infrastructure, not compliance theater.

HVCs also serve as market signals. Procurement teams evaluating AI vendors, insurers pricing liability risk, and investors assessing governance quality can all check HVC status against the public registry without relying on any party’s self-assessment. A Gold credential tells counterparties exactly what was measured, which Guardian certified it, and when it expires.

The analog

X.509 certificates secure the web. Code signing certificates secure software supply chains. HVCs secure AI governance claims. The underlying mechanism is analogous: a trusted root authority issues credentials, holders identify certified scopes, and verifiers check credential status against the public key. The difference is what’s being verified — not server identity or binary integrity, but a deployer’s ongoing governance-system posture.