What is C2PA?
Disclaimer: This article is an independent educational guide. C2PA Viewer is not affiliated with the C2PA coalition or any of its member organizations. All specification references cite publicly available documents.
TL;DR — What is C2PA in 60 seconds
- What: An open technical standard for embedding cryptographically signed provenance data inside digital media files.
- Who: Created by a coalition founded by Adobe, Arm, BBC, Intel, Microsoft, and Truepic in February 2021.
- How: A C2PA Manifest (also called a Content Credential) travels inside the file and records who made it, when, and what tools were used.
- Why: Deepfake incidents surged from 500,000 to 8 million cases between 2023 and 2025 — provenance gives media a verifiable chain of custody.
- Spec version: C2PA v2.2 was published May 2025; v2.3 is the current draft.
The Short Answer: What C2PA Is
C2PA — the Coalition for Content Provenance and Authenticity — is a Joint Development Foundation project that publishes royalty-free, open technical specifications for attaching verifiable provenance metadata to digital media. A C2PA-enabled camera, photo editor, or AI platform can embed a signed record inside any image, video, audio file, or document. That record travels with the file and can be verified by anyone using any compliant tool — no internet connection or central database required.
The core data structure is called a C2PA Manifest, also marketed as a Content Credential. It contains assertions about who created the content, when, what tools were used, whether AI was involved, and every meaningful edit made since capture. The manifest is digitally signed — any tampering breaks the signature and is immediately detectable.
The Problem C2PA Solves
Generative AI has made synthetic media indistinguishable from authentic media at a visual level. Deepfake incidents tracked globally surged from approximately 500,000 cases in 2023 to over 8 million in 2025 — a 900% increase in two years, according to identity security researchers. At the same time, synthetic content is projected to account for up to 90% of online media by 2026 (Deloitte Technology, Media and Telecom Predictions, 2025).
Detection-only approaches — AI classifiers that try to spot fakes — are a losing battle because generative models improve continuously. C2PA takes a different approach: instead of detecting fakes after the fact, it focuses on proving authenticity at the point of creation. Content that carries valid C2PA credentials does not need to be detected as real; it cryptographically proves its origin.
The U.S. Department of Defense's Cybersecurity and Infrastructure Security Agency (CISA) endorsed content credentials as a key countermeasure in a January 2025 advisory titled “Strengthening Multimedia Integrity in the Generative AI Era”, recommending their adoption by government agencies and critical infrastructure operators.
How C2PA Works: Step by Step
The C2PA workflow has three stages: signing, embedding, and verification.
| Stage | Who acts | What happens |
|---|---|---|
| 1. Signing | Camera, software, or AI platform | Assembles assertions into a claim and signs the claim with a private key issued by a trusted Certificate Authority |
| 2. Embedding | Signing tool | Stores the signed manifest inside the file (JUMBF container) or as a sidecar file; a hard binding cryptographic hash links manifest to pixel data |
| 3. Verification | Any C2PA-compliant tool or viewer | Reads the manifest, validates the certificate chain, checks the hard binding hash against the current file bytes, and reports pass or fail |
The verification step requires no network call to the original signer — all required certificates travel inside the manifest. This offline-verifiable design is critical for newsrooms, courts, and any use case where connectivity is limited or the original platform is unavailable.
C2PA vs. Other Authenticity Approaches
C2PA is not the only approach to content authenticity, but it is the only one backed by a major cross-industry specification body. Here is how it compares to alternatives.
| Approach | How it works | Limitation |
|---|---|---|
| C2PA / Content Credentials | Signed metadata embedded in the file | Removed if file is re-saved by non-C2PA tools; no signal on stripped files |
| Invisible watermark | Pattern embedded in pixel data | Survives some re-saves but can be cropped or degraded; carries limited data |
| AI detection classifiers | Statistical model predicts real vs. fake | Accuracy degrades as generative models improve; high false-positive rate |
| Blockchain registration | Hash of file recorded on-chain at creation | Proves a file existed at a point in time but not who created it or how it was made |
| EXIF / IPTC metadata | Camera writes device info to file headers | Unsigned — anyone can edit it with free tools; no tamper detection |
Who Supports C2PA
C2PA was founded in February 2021 by six organizations and has expanded significantly. The following table shows major members and their roles as of early 2026.
| Organization | Sector | Role / Implementation |
|---|---|---|
| Adobe | Software / Creative tools | Founding member; C2PA signing in Photoshop, Lightroom, Firefly, and Stock |
| Microsoft | Software / Cloud | Founding member; Project Origin lead; Azure content integrity APIs |
| BBC | News media | Founding member; Project Origin lead; news content verification workflows |
| Sony / Leica / Nikon | Camera hardware | C2PA signing built into professional camera bodies |
| Mobile / AI | C2PA credentials planned for Pixel 9 camera and Imagen AI generator | |
| Stability AI / OpenAI | Generative AI | Content credentials on AI-generated images to disclose synthetic origin |
The C2PA Specification: Version History
The C2PA specification is an evolving open standard. Key milestones:
- v1.0 (January 2022): First public release of the full technical specification, covering manifest structure, assertions, and signing requirements.
- v1.3 (January 2023): Added support for cloud signing workflows and soft binding for streaming media.
- v2.0 (November 2023): Introduced the COSE-based claim signature format and time-stamp authority integration.
- v2.1 (September 2024): Expanded assertion types including AI training data disclosure assertions.
- v2.2 (May 2025): Current stable release; added video streaming support, extended file format coverage, and updated Trust List infrastructure.
- v2.3 (in progress): Active draft addressing cross-platform credential portability and hardware security module requirements.
Regulatory and Policy Momentum
C2PA is moving from voluntary industry standard to regulatory baseline. Key developments:
- The EU AI Act (effective August 2026) requires transparency labeling for AI-generated content — C2PA's AI assertion type directly satisfies this requirement.
- The U.S. Digital Authenticity and Provenance Act (2025) mandates content provenance disclosure for federally regulated media contexts.
- CISA's January 2025 advisory explicitly recommends C2PA adoption for government and critical infrastructure media pipelines.
- The Library of Congress launched a community of practice in July 2025 to explore C2PA adoption in archival and preservation workflows.
Which Cameras and AI Tools Support C2PA?
C2PA has moved from specification into shipping hardware and software. Here are the major implementations as of early 2026:
- Leica M11-P (October 2023) — the first consumer camera with C2PA built in. Signs every JPEG and DNG by default using a dedicated hardware security chip.
- Sony α9 III / α1 II (2024) — C2PA support via Sony's Imaging Edge cloud, opt-in per shoot.
- Samsung Galaxy S25 (January 2025) — C2PA credentials on AI-edited photos only.
- Nikon Z6 III (August 2025) — C2PA added via firmware, then suspended after a critical signing vulnerability. All certificates revoked. Service not yet restored.
- Google Pixel 10 (September 2025) — every photo signed by default with hardware-backed keys (Titan M2) and an on-device timestamping authority (Tensor G5).
- AI image generators — Adobe Firefly, OpenAI DALL-E 3, Sora, and Google Imagen all embed C2PA credentials identifying content as AI-generated. Midjourney does not.
For a detailed breakdown of supported formats and the current specification version, see the C2PA spec versions and file formats reference.
Limitations and Open Challenges
C2PA is powerful but not a complete solution on its own. Honest assessments of its current limits:
- Strip attacks: A non-C2PA tool can save a JPEG without the manifest container, silently removing all credentials. The absence of a manifest does not prove a file is fake — only that it lacks verifiable provenance.
- First-mile trust: C2PA proves a file was signed by a specific device or software, but cannot verify that the camera was pointed at what it purports to show.
- Trust List maturity: The Certificate Trust List that defines which signers are recognized is still maturing; revoked or expired certificates require timely infrastructure updates.
- Adoption gaps: Consumer smartphone cameras (outside Pixel and Leica partnership programs) do not yet sign natively, meaning most user-generated content remains unsigned.
Frequently Asked Questions
What does C2PA stand for?
C2PA stands for Coalition for Content Provenance and Authenticity. It is a Joint Development Foundation project that publishes open technical standards for attaching verifiable provenance metadata to digital media files.
Who founded C2PA?
C2PA was founded in February 2021 by Adobe, Arm, BBC, Intel, Microsoft, and Truepic. It merged Adobe's Content Authenticity Initiative (CAI) with Microsoft and BBC's Project Origin.
How does C2PA work technically?
C2PA embeds a digitally signed data structure called a C2PA Manifest inside a media file. The manifest contains assertions about origin, edit history, and tools used. Each manifest is signed with a private key, and the certificate chain lets any verifier confirm authenticity without contacting the original creator.
What file formats does C2PA support?
The C2PA specification v2.2 (May 2025) supports JPEG, PNG, WebP, AVIF, HEIC, MP4, MOV, PDF, MP3, WAV, and more. The manifest container uses JUMBF format, which can be embedded in or associated with files in multiple ways.
Does C2PA protect privacy?
Yes. Creators control which assertions are included. GPS coordinates are optional and can be omitted or generalized. Fields can be redacted after signing, with the redaction itself recorded in the manifest to preserve chain of trust.
Is C2PA the same as a watermark?
No. Watermarks alter pixel data and can be cropped away. C2PA manifests are structured metadata in a file container and do not change visual content. C2PA also provides cryptographic tamper detection that watermarks cannot offer.
Verify C2PA Content Now
Upload any image, video, or PDF to the C2PA Viewer to inspect its manifest, verify signatures, and read provenance assertions — no account needed.
Open C2PA Viewer →