How We Calculate Trust Scores

Trust scores are the foundation of SignalStack's verification platform. Every claim, document, and identity submitted to our API returns with a single number between 0 and 100 that encapsulates how confident we are in its veracity. But what actually goes into that number? This article pulls back the curtain on SignalStack's trust scoring engine — the weighted multi-dimensional model, evidence chain construction, and verdict threshold system that powers every verification request.

The Scoring Framework

SignalStack's trust score is not a black box. It is a composite of several independently calculated dimensions, each weighted by importance and informed by real-time evidence from multiple sources. The final score uses a weighted harmonic mean, which penalizes low scores in any single dimension more aggressively than a simple average would. This ensures that a claim failing badly in one area — say, source authority — cannot hide behind strong scores in other dimensions.

Weighted Dimensions

The trust score aggregates across five core dimensions, each contributing a sub-score from 0 to 100:

• Source Authority (weight: 35%) — Measures the credibility of the originating source. Official domains, authoritative APIs, and verified organizational accounts score highest. Anonymous forums and unverified social media accounts score lowest.
• Recency (weight: 20%) — Evaluates how current the information is. Recency decay follows an exponential curve with domain-specific half-lives. Financial data may decay in seconds; identity documents decay over months.
• Corroboration (weight: 25%) — Cross-references the claim against independent sources. The more independent sources that agree, the higher the score. Single-source claims receive a baseline corroboration score of 30.
• Internal Consistency (weight: 10%) — Checks for contradictions within the claim itself. Does the metadata match the content? Are timestamps consistent? Are cryptographic signatures valid?
• Historical Accuracy (weight: 10%) — Tracks the historical veracity of the source. Sources with a proven track record of accurate claims score higher; sources with a history of false or misleading claims are penalized.

Source Authority Scoring in Practice

Source authority is the most heavily weighted dimension for good reason. In information verification, the credibility of the origin is often the strongest signal available. SignalStack classifies sources into tiers using domain reputation databases, certificate transparency logs, and organizational verification (see /product for how this integrates into the broader platform).

A `.gov` domain publishing economic data receives a near-perfect authority score. A PDF invoice emailed from a Gmail address claiming to be from a Fortune 500 company triggers an automatic authority penalty — and a document analysis check via /product/document-analysis. The scoring engine doesn't just look at the domain; it evaluates the full chain of custody: who signed the document, what certificate authority issued the signing key, and whether the organizational identity matches the claim being made.

Recency and Domain-Specific Decay

Not all information ages equally. A stock price quote from ten seconds ago is nearly worthless; a verified identity document from six months ago remains highly relevant. SignalStack applies domain-specific half-lives to the recency dimension:

• Financial data and market prices: 30-second half-life
• News events and current affairs: 24-hour half-life
• Identity documents and credentials: 90-day half-life
• Business registration data: 30-day half-life
• Scientific claims and published research: 180-day half-life

These half-lives are configurable per organization. A hedge fund verifying market data will want tighter recency thresholds than a university verifying academic credentials. The /docs/guides/trust-scoring documentation covers the full configuration surface.

The Scoring Formula

The final trust score is computed using a weighted harmonic mean of the five dimension scores. The harmonic mean is chosen deliberately: it penalizes low outlier scores more severely than the arithmetic mean, preventing a single failed dimension from being masked by strong performance elsewhere.

TrustScore = (Σ wᵢ) / (Σ wᵢ / sᵢ)

Where:
  wᵢ = weight of dimension i
  sᵢ = sub-score of dimension i (0-100)

With default weights:
  w = [0.35, 0.20, 0.25, 0.10, 0.10]
  s = [authority, recency, corroboration, consistency, history]

Consider a claim with strong authority (95), moderate recency (70), weak corroboration (30 — single source), perfect consistency (100), and good history (85). The arithmetic mean would give a misleading 76. The harmonic mean correctly pulls it down to 62, reflecting the real risk of accepting an uncorroborated claim. This claim would land in the "flag for review" zone rather than passing automated acceptance.

Evidence Chains

Every trust score comes with an evidence chain — a transparent, auditable record of how the score was derived. Each dimension score is supported by specific evidence items: timestamps of source retrieval, checksums of referenced documents, and links to corroborating or contradicting sources. This is critical for compliance with GDPR Article 22 and similar regulations that require explainability in automated decision-making.

Cross-Reference Analysis

When a claim is submitted, SignalStack automatically identifies potential corroborating or contradicting sources. The corroboration engine searches indexed public databases, previously verified claims, and organization-specific knowledge bases. Each match is scored for independence and relevance.

The independence filter is critical. Two claims that both originate from the same upstream press release do not count as independent corroboration. True corroboration requires sources that are independent at the point of origin — a distinction that many verification systems miss. SignalStack's engine traces claims back to their root sources using citation graphs and publication timelines.

Verdict Thresholds

The raw trust score maps to a verdict through configurable thresholds. SignalStack provides sensible defaults that organizations can customize through their trust policies:

1. Trust Score ≥ 80: Verified — The claim meets the confidence threshold for automated acceptance. No human review needed. Suitable for high-automation workflows.
2. Trust Score 60–79: Flagged — The claim requires human review. Confidence is moderate but not sufficient for fully automated decisions. Escalated with full evidence chain.
3. Trust Score 40–59: Suspect — The claim shows signs of manipulation, inconsistency, or insufficient corroboration. Priority review triggered with recommendations for investigation.
4. Trust Score < 40: Blocked — The claim is likely fraudulent or deeply unreliable. Automatically rejected with a detailed evidence report explaining which dimensions failed.

"A trust score without an evidence chain is just a number. The real value is in understanding why that number is what it is — and being able to prove it to auditors, regulators, and users." — SignalStack Engineering Team

Conclusion

SignalStack's trust scoring engine is designed to be both rigorous and transparent. By decomposing trust into weighted dimensions, maintaining auditable evidence chains, and providing configurable verdict thresholds, we give AI agents and their operators the tools to make informed decisions at machine speed. The score is the entry point — the evidence chain is what makes it actionable. Dive deeper into configuration at /docs/guides/trust-scoring, or explore the full platform at /product.