★ Signature standard

A new standard for compliance you can cryptographically verify.

The Machine-Readable Compliance Certificate (MRCC) compresses weeks of auditor back-and-forth into a hash check. Issued once, verified everywhere.

Issue your first MRCC See compliance timeline

From regulation to verifiable artifact

Cryptographic integrity

Ed25519 signature. Tamper-proof. Verifiable offline by anyone with the public key.

Sources fully traceable

Every claim links back to regulation article, control reference, evidence file.

Machine-readable JSON/XML

Procurement systems can validate automatically — no human in the loop.

Multi-jurisdiction

One artifact covers CRA, NIS2, AI Act, RED, DORA. One source of truth.

Sample MRCC payload

A real MRCC is a signed JSON document. Here's what auditors and procurement systems consume :

{
  "mrcc_id": "MRCC-2026-001-CRA",
  "version": "1.0",
  "product": {
    "name": "IoT Security Hub v3.1",
    "organization": "Acme Electronics GmbH"
  },
  "regulations": ["CRA", "NIS2", "RED"],
  "readiness": 0.84,
  "evidence": { "provided": 23, "required": 27 },
  "sbom": { "verified": true, "components": 412 },
  "integrity": {
    "algo": "sha256",
    "hash": "e3b0c44298fc1c14...c91d",
    "signature": "ed25519:...a3f8e2"
  },
  "issued_at": "2026-03-20T14:30:00Z",
  "verify_url": "https://nexcyber.eu/v/MRCC-2026-001-CRA"
}

Live verification in 3 steps

Anyone can verify an MRCC. No account, no API key, no friction.

01
Receive the MRCC

Vendor sends you the signed JSON file or QR code.

02
Paste on verify endpoint

Drag-drop on /verify or scan the QR.

03
Read the verdict

Signature valid · Hash matches · Sources traced.

Issue your first MRCC today.

Free assessment → first MRCC in 5 minutes.

Run free assessment