Tamper-Proof Photo Evidence for Disputes

“Photos can be Photoshopped.” The moment a dispute gets serious, that sentence is coming. Here’s why ordinary photos are challengeable, what makes photo evidence credible, and how cryptographic sealing turns a picture into proof.

Why ordinary photos are easy to challenge

A photo asserts “this is what X looked like at time T.” A challenger doesn’t have to prove it’s fake — only that it could be. And with ordinary photos, it could: image editors are free, EXIF metadata (the file’s embedded date and GPS) can be rewritten with one-line tools, and date stamps burned into the pixels are themselves just pixels. In formal settings this maps to authentication rules (in the U.S., Federal Rule of Evidence 901): the proponent must show the item is what they claim it is. The harder that showing, the weaker your position — long before any courtroom, in the negotiation where most disputes actually resolve.

What makes photo evidence credible

Forensic practice converges on three properties:

  1. Sealed at capture — the image is fingerprinted the moment it’s taken, not certified after the fact (by then, edits could already exist).
  2. Bound metadata — time, location, and device info are tied to the image content, so none can be swapped independently.
  3. Independently verifiable — anyone can check the seal later without trusting your word.

How cryptographic sealing works (in plain terms)

A hash (SiteProof uses SHA-256) is a fingerprint of a file: feed the identical file in, the identical fingerprint comes out; change one pixel and the fingerprint changes completely. Sealing a photo means computing this fingerprint at capture and signing it (SiteProof uses an HMAC signature with a key that lives in your device’s Keychain). Verification recomputes the fingerprint and checks it against the sealed one — a mismatch proves modification; a match proves the bytes are exactly the ones the camera produced.

This is tamper-evident, and that’s the honest term: nothing prevents someone editing a copy of the photo — but the edited copy can no longer pass verification against the sealed fingerprint. The original, unedited record is distinguishable from any alteration, which is precisely what an authenticity challenge is about.

SiteProof evidence package in the Files app containing photos, PDF report, proof manifest JSON, and client signature
The evidence package: photos, report, proof manifest, and signature in one ZIP.

What’s in a SiteProof evidence package

With Dispute-Proof Mode on, SiteProof can export a job’s complete evidence chain as a single ZIP:

You can also re-verify any photo on-device at any time — useful the day before a difficult conversation.

Not legal advice: admissibility and the weight of digital evidence vary by jurisdiction and case. What sealing changes everywhere is the practical dynamic: “photos can be edited” stops being a conversation-ender, because yours demonstrably weren’t.

The unglamorous truth about disputes

Almost no contractor dispute reaches a judge. They resolve in emails and phone calls, and they resolve in favor of whoever’s documentation makes continuing the argument feel hopeless. A sealed, timestamped, signed-off record doesn’t win the lawsuit — it prevents it. That’s the outcome worth $9.99.

Proof they can’t dispute.

Dispute-Proof Mode seals every photo at capture and exports a verifiable evidence package. Part of SiteProof Pro — $9.99 once.

Download on the App Store

Free for up to 3 jobs · Pro is $9.99 once — no subscription · iPhone & iPad, iOS 17.1+