Don't know for sure but if GAI or whoever else is doing a mass authentication of a scheduled signing, it would be significantly easier not to mention less costly to take one photograph and generate certificates for all of the items signed that session.
The logistics of matching photo to helmet or whatever else, would get unmanagable.
Not the same industry but ASTM would allow us to issue one COA for each batch of manufactured product when the batch was eventually divided into as many as 250 unique items. We did not have to sample each unique item. I would think the same thought process would apply.
That is if you really trust GAI and their internal procedures.
By the way are they ISO 9000 certified?
I would be glad to conduct the audit of their policy and procedures and processing systems.