A smart, secure Fake Degree / Certificate Recognition System
Built end-to-end (design β frontend β backend) in TypeScript + React by Swarnendu Majumder
Submission: Smart India Hackathon 2025
This project detects and prevents fake academic certificates by combining OCR, AI heuristics, and cryptographic verification.
Supports: scanned PDFs/images (legacy certificates) and digitally-issued certificates (with embedded hashes / QR / blockchain anchor).
Key capabilities:
- OCR extraction (name, roll no., marks, cert id)
- Pattern and metadata anomaly detection (tampered grades, cloned photos, forged seals)
- Database matching (institution records) β bulk or real-time ingestion
- Optional blockchain anchoring & QR/hash verification
- Admin dashboard, alerts, blacklisting, audit logs
| Path | Description |
|---|---|
| app/api/auth/ | Authentication endpoints (signup, signin, OTP, etc.) |
| app/api/employee/ | Employee-related APIs (approve users, pending users) |
| app/api/admin/ | Admin-related APIs |
| app/dashboard/ | Role-based dashboards (student, employer, institution, government, admin) |
| app/signup, signin, verify-otp | User-facing authentication pages |
| components/ | Reusable React components |
| components/ui/ | UI primitives (button, card, input, etc.) |
| lib/db.ts | Database connection |
| lib/models/ | Mongoose models (User, PendingUser, OTP, Employee) |
| lib/email.ts | Email utilities |
| lib/cloudinary.ts | Cloudinary integration for uploads |
| public/ | Static assets (images, icons, etc.) |
| .env.local | Local environment variables |
| next.config.js | Next.js configuration |
| package.json | Dependencies and scripts |
| tsconfig.json | TypeScript configuration |
- Frontend: React (TypeScript), React Router, Tailwind CSS (or Chakra)
- Backend: Node.js + TypeScript, Express
- DB: MongoDB (Primary) β PostgreSQL optional for relational cert metadata
- OCR: Tesseract.js (edge) / hosted Tesseract service or AWS Textract (plug-in)
- AI / ML: Lightweight model / heuristics for anomaly detection (Python microservice or node bindings)
- Blockchain (optional): Ethereum / Polygon for anchoring certificate hashes
- Storage: AWS S3 / Cloudinary for uploaded files
- Queue / Workers: BullMQ / Redis for async OCR & validation jobs
- Auth: JWT + Role-based access (Employer / Institution / Admin)
- Deployment: Vercel (frontend) + Heroku / AWS ECS / VMs (backend)
- Node.js >= 18
- npm / pnpm / yarn
- MongoDB instance (local or cloud)
- Redis (for job queue)
- (Optional) AWS credentials if using S3
git clone https://github.com/Swarnendu1234/authenticity-validator.git
cd authenticity-validator-academianpm install
npm run devCLOUDINARY_CLOUD_NAME=
CLOUDINARY_API_KEY=
CLOUDINARY_API_SECRET=
MONGODB_URI=
EMAIL_USER=
EMAIL_PASS=
EMAIL_HOST=You can choose anything(e.g. smtp.gmail.com)
EMAIL_PORT=You can choose anything(e.g. 587)
JWT_SECRET=
NEXT_PUBLIC_BASE_URL=- Upload: "File stored in secure object storage"
- Queue: "Async job created for OCR & validation"
- OCR: "Extract text & fields using Tesseract/AI"
- Preprocess: ["Normalize fonts", "Detect photo/seals", "Enhance image"]
- Heuristics_ML: ["Template/layout check", "Signature analysis", "DB match", "Duplicate detection"]
- Crypto_Check: "Validate hash/QR via blockchain or DB anchor"
- Report: "Generate result with confidence & highlights"
- Admin: ["Approve/Reject", "Blacklist offenders", "Notify stakeholders"]
- Bulk Upload: CSV / JSON import support for onboarding legacy data
- Real-time API:
/api/v1/institutions/:id/certswith mutual authentication - ERP Adapters: Export connectors for popular ERP systems
- Transport: TLS enforced across all services
- Encryption: Field-level PII encryption for sensitive data
- Access Control: Role-based access (Admin, Institution, Employer, Auditor)
- Auditability: Complete logs for all actions & events
- Compliance: GDPR & India IT Act aligned
- Live activity feed for real-time monitoring
- Powerful search (student / certificate / institution)
- Blacklist & Whitelist management
- Download evidence packages
- Export reports (CSV / PDF)
- Alerts via Email, SMS, or Webhook integrations
Here are some demo screenshots of the project:
Note: Sole author for this hackathon submission. Open-source contributions are welcome after the event.
- Fork the repository
- Create a feature branch
- Submit a PR with proper tests & documentation
- Keep commits atomic & descriptive
- Always enable TypeScript strict mode
- Use ESLint + Prettier for consistent code style
This project is licensed under the MIT License.
See the LICENSE file for details.
Swarnendu Majumder
π§ swarnendumajumdert2007@gmail.com
π‘ Full website (design β frontend β backend) built by the author.
π Submitted as part of Smart India Hackathon 2025.