Any vendor can display an R2, NAID AAA, or RIOS logo on their website. The logo by itself proves nothing — it is a claim, not evidence. What separates a real certification from a graphic is that the real one is registered, numbered, and listed in a public database anyone can search.
The registries are open. SERI publishes every certified R2 facility; i-SIGMA publishes every NAID AAA certified firm; state environmental agencies list permitted processors. Search the vendor's legal name. The certification should appear, be current rather than expired, and — the part people skip — its scope should actually cover the work you need, whether that is logical data sanitization, physical destruction, or downstream recycling.
It takes two minutes. A logo is a claim; a verifiable certificate number is proof. Look up any vendor before you trust the badge — and ask for the certificate, not the picture.
The credentials packet collects the certificates, registry numbers, and coverage so you can verify each one yourself.