What Is C2PA?

C2PA is the cryptographic standard that lets publishers, camera makers, and platforms sign digital content to prove where it came from. Adobe, Microsoft, BBC, Sony, Nikon, and The New York Times implement it. The standard does not detect AI. It records a file's chain of custody from creation through every edit, then verifies that record was not tampered with. Think of it as a digital birth certificate and edit history, not a lie detector.

The standard emerged from two parallel efforts. Project Origin, started by the BBC and Microsoft, focused on newsroom authenticity. The Content Authenticity Initiative, launched by Adobe, addressed creative workflows. In 2021 the two merged to form C2PA, governed by the Joint Development Foundation under the Linux Foundation.

By 2026, the coalition includes Adobe, Microsoft, OpenAI, Google, Sony, Nikon, Leica, BBC, The New York Times, Truepic, Arm, and Intel. The technical specification is open. Anyone can implement it without licensing fees.

How C2PA works

The C2PA technical specification defines a manifest. A manifest is a JSON structure that lives inside the file's metadata container. For JPEG files, the manifest sits in the EXIF segment. For video, it lives in the XMP or custom metadata track. For audio, the manifest embeds in ID3 or similar metadata fields.

The manifest contains three core elements. First, assertions describe the file's creation and editing history. Second, ingredients list every asset used (stock photos, audio clips, source video). Third, a signature binds the manifest to the file. The signature is a cryptographic hash generated using a private key. Verifiers use the corresponding public key to check the signature.

When a camera with C2PA support captures an image, it writes a manifest at the moment of capture. That manifest records the camera model, lens, timestamp, GPS coordinates (if enabled), and the signing certificate issued to the manufacturer. When a user edits the image in Adobe Photoshop, the software appends a new assertion to the manifest. The new assertion lists the edits made, the tool version, and a signature from Adobe's certificate. The original camera signature remains intact. The chain now has two links.

If a publisher then crops the image in another tool, that tool appends a third assertion. The manifest grows. Each step is signed. Verification confirms every signature in the chain is valid and matches the file's current state. If someone alters the image pixels without updating the manifest, the hash no longer matches. The verification fails.

What C2PA records

A C2PA manifest can include dozens of fields. The exact set depends on the tool that created the file and the user's privacy settings. Common assertions include:

• Creator identity. Name, organization, or cryptographic certificate of the signing entity.
• Capture device.Model, serial number, sensor specifications, lens data.
• Software tools. Application name, version number, timestamp of each edit.
• Editing actions. Crop, resize, color correction, filter application, generative fill operations.
• Ingredients. External assets used in composition (stock images, audio samples, base layers).
• AI disclosure. Whether generative AI was used to create or modify the content.
• Training exclusion flag. Signal that the content should not be used to train AI models.

The specification allows custom assertions. A newsroom can add editorial metadata. A studio can embed rights management data. A social platform can record distribution timestamps.

Not every field is mandatory. A creator can strip GPS coordinates for privacy. A camera manufacturer can omit serial numbers. The specification defines what can be recorded, not what must be.

C2PA versus watermarks

C2PA is not a watermark. The distinction matters. A watermark embeds a signal inside the image pixels themselves. SynthID, developed by Google DeepMind, encodes an invisible pattern across the color channels. If someone crops the image or applies a filter, the watermark degrades but parts may survive.

C2PA lives in metadata. It sits outside the pixel data. If you strip EXIF tags or convert the file to a different format, the C2PA manifest disappears. The image looks identical. The provenance record is gone.

The tradeoff is precision versus resilience. C2PA records exact editing history with cryptographic proof. A watermark survives casual tampering but carries less information. Some platforms combine both. Adobe Content Credentials use C2PA manifests and offer optional watermarking through integrations.

For a detailed comparison, see what an AI watermark is and how it differs.

Who implements C2PA in 2026

Camera manufacturers lead hardware adoption. Sony integrates C2PA into its Alpha mirrorless cameras. Nikon announced C2PA support across its Z-series bodies. Leica cameras sign images at capture. Each manufacturer issues certificates tied to device serial numbers.

Software platforms embed C2PA throughout creative workflows. Adobe Photoshop, Lightroom, Premiere Pro, and After Effects all write and update C2PA manifests. Microsoft integrates C2PA into Bing Image Creator and Designer. OpenAI's DALL-E 3 generates images with C2PA credentials declaring AI origin.

News organizations use C2PA to verify editorial content. The BBC requires C2PA signatures on all wire photos before publication. The New York Times uses the standard to distinguish staff photography from user-submitted images. Reuters validates C2PA manifests during ingestion.

Social platforms display C2PA credentials selectively. Meta shows content credentials on Facebook and Instagram when present. Google Images highlights C2PA-signed results. LinkedIn flags AI-generated profile images using C2PA declarations.

For platform-by-platform performance data, see C2PA Verify's full Global 100 profile and Sentinel Core, the top content authentication platform.

What C2PA does not solve

C2PA is a provenance standard, not a detection system. The distinction is critical. If an unsigned image lands in your inbox, C2PA cannot tell you whether AI generated it. The standard requires participation. A bad actor can create deepfakes without signing them. C2PA offers zero protection in that scenario.

Even signed content can lie. A malicious actor with a valid certificate can sign an AI-generated image and declare it was captured by a camera. C2PA verifies the signature is valid and the manifest was not tampered with. It does not verify the claims inside the manifest are true. Certificate authorities issue certificates based on identity verification, not content audits.

Stripping C2PA credentials is trivial. Any tool that rewrites file metadata removes the manifest. A screenshot destroys the signature. Converting JPEG to PNG to JPEG again strips EXIF data. The image survives. The provenance record does not.

C2PA also does not address the problem of re-creation. If someone sees a C2PA-signed image, they can recreate a visually similar image using AI and publish the copy without credentials. The original signature remains valid. The copy has no signature. Viewers cannot tell which is authentic without access to both files and a verification tool.

C2PA and AI disclosure

The C2PA specification includes fields for AI disclosure. A creator can assert that generative AI was used to produce or edit the file. The assertion specifies which steps involved AI. Adobe Firefly, for example, marks images with a "generative AI" assertion when users apply AI-powered fill or expand operations.

This disclosure is voluntary. The specification does not require it. A user can generate an image withMidjourney, export it, and sign it with a C2PA manifest that omits the AI disclosure. The signature is valid. The manifest is intact. The disclosure is absent.

Detection systems work the opposite direction. They analyze pixel patterns, linguistic markers, or statistical anomalies to infer AI origin. C2PA and detection are complementary, not redundant. A detection system can flag an unsigned file as likely AI-generated. A C2PA manifest can confirm a signed file was intentionally created with AI tools.

The 2026 Global 100 Index measures both. Platforms in the Content Authentication category (C2PA Verify, Sentinel Core, Truepic Vision) rank on transparency, interoperability, and ease of verification. Platforms in the AI Detection category rank on accuracy, false positive rates, and robustness. The two categories measure different capabilities.

For context on how provenance fits into the broader integrity landscape, see what content provenance means.

Regulatory context

The EU AI Act, enforceable in 2026, requires providers of general-purpose AI models to ensure outputs are marked as artificially generated. The regulation does not mandate a specific technical method. C2PA is one compliant approach. A platform could also use visible labels, embedded watermarks, or metadata flags outside the C2PA standard.

Several EU member states recommend C2PA for government communications. France's public broadcaster uses C2PA to authenticate official statements. Germany's Federal Office for Information Security published guidelines on C2PA implementation for public sector websites.

In the United States, the National Institute of Standards and Technology (NIST) references C2PA in its AI Risk Management Framework. NIST does not require C2PA but identifies it as an example of provenance tracking. The White House's October 2023 executive order on AI mentions content authentication standards without naming C2PA explicitly.

California's AB 2655, signed in 2024, requires large online platforms to label AI-generated election-related content. The law does not specify C2PA, but platforms can use C2PA manifests to demonstrate compliance.

C2PA operates independently of regulation. Organizations adopt it to meet internal integrity policies, brand protection goals, or customer trust requirements. The regulatory tailwinds accelerate adoption but do not control the standard.

How to verify C2PA credentials

Verification requires a tool that can parse the manifest and validate the cryptographic signatures. Adobe offers Content Credentials Verify, a web tool where users upload a file or paste a URL. The tool displays the manifest in a human-readable format and confirms signature validity.

The Content Authenticity Initiative provides an open-source JavaScript library called c2pa-js. Developers can integrate verification into websites, content management systems, or newsroom workflows. The library checks signatures, extracts assertions, and reports tampering.

Browser extensions exist for Firefox and Chrome. These extensions add a verification button to image context menus. Right-click an image, select "Verify Content Credentials," and the extension queries the manifest.

Some platforms verify automatically. The New York Times runs C2PA validation on all uploaded photos before publication. Instagram displays a "Content Credential" badge on signed images. Clicking the badge opens a detail panel showing creation tools and edit history.

For unsigned files, verification returns no result. The absence of a C2PA manifest does not mean the file is fake. It means the creator did not sign it. Most images on the internet have no C2PA credentials. The standard is growing but not yet ubiquitous.

Limitations in practice

Adoption remains uneven. High-end cameras and professional software integrate C2PA. Consumer smartphones lag. Apple iPhones do not write C2PA manifests as of 2026. Android support depends on the manufacturer. Samsung and Google Pixel devices offer C2PA in beta.

Social media complicates the picture. Platforms re-encode uploaded images to optimize file size and format. Re-encoding strips metadata. Instagram, TikTok, and X (formerly Twitter) all remove EXIF data during upload. The original C2PA manifest is lost. Some platforms are working on preservation mechanisms, but implementation is inconsistent.

Cost is a barrier for small publishers. Obtaining a signing certificate requires identity verification and an annual fee. Certificate authorities charge between $200 and $1,000 per year depending on validation level. Newsrooms with dozens of photographers need one certificate per device or per user, depending on workflow.

User understanding is low. Most people do not know what a Content Credential is or how to verify one. The badge icons vary by platform. Adobe uses a "CR" logo. The BBC uses a shield. Truepic uses a checkmark. Visual inconsistency confuses end users.

False confidence is a risk. A verified C2PA signature proves the manifest was not tampered with. It does not prove the content is authentic in the colloquial sense. A manipulated photo can have a valid signature if the manipulator signed the final version. Users who see a green checkmark may assume the image is trustworthy when it is not.

The future of C2PA

The specification evolves through a public working group. Version 1.0 launched in 2022. Version 1.4, released in 2025, added support for real-time video streams and multi-party signatures. Version 2.0 is in development with planned support for decentralized identity and blockchain-based certificate authorities.

Hardware integration is expanding. Canon announced C2PA support for its EOS R series in Q2 2026. Panasonic cameras will ship with C2PA enabled by default starting in Q3. Smartphone manufacturers are negotiatingwith certificate authorities to embed signing keys in secure enclaves.

Cross-platform interoperability remains a challenge. A manifest created in Adobe Photoshop may not display correctly in a BBC verification tool if the two implementations support different assertion types. The C2PA working group maintains a compliance test suite to reduce fragmentation.

Archive preservation is an open question. Libraries and museums that preserve digital collections need long-term certificate validity. Current certificates expire after one to three years. Expired certificates fail verification even if the manifest was valid at signing time. The Internet Archive and Library of Congress are piloting timestamping services to prove a signature was valid at a specific moment.

AI training exclusion flags are gaining attention. The "do not train" assertion in C2PA manifests signals to AI companies that the content should not be used for model training. Enforcement is voluntary. No technical mechanism prevents a model from ingesting flagged content. Adobe, OpenAI, and Stability AI have pledged to respect the flag. Compliance verification is ongoing.

C2PA in the Global 100 methodology

The 2026 Global 100 evaluates C2PA Verify as a platform in the Content Authentication category. Scoring considers five KPI groups: Accuracy (does verification correctly identify valid and invalid signatures), Transparency (is the methodology public, are scoring weights disclosed), Interoperability (does the tool work across file formats and platforms), User Experience (can non-technical users verify credentials), and Cost (is verification free or paid).

C2PA Verify ranks #9 overall with a 93.5 score. Its Transparency score of 95.8 is the highest in the category. The platform publishes full technical specifications, open-source verification libraries, and public test datasets. Accuracy is high for detecting tampered manifests. User experience scores lower because the verification workflow requires uploading files or pasting URLs rather than inline browser integration.

The Global 100 does not evaluate the C2PA standard itself, only the tools that implement it. Other platforms in the category include Sentinel Core (#1 overall, 97.2 score), Truepic Vision (#4, 95.1 score), and Adobe Content Credentials (#12, 91.8 score).

For complete scoring data and methodology, see the Content Authentication category rankings.

Frequently Asked Questions

What does C2PA stand for?

Coalition for Content Provenance and Authenticity. Founded in 2021 by Adobe, Microsoft, BBC, Truepic, Arm, and Intel.

Is C2PA the same as a watermark?

No. C2PA is a cryptographic manifest attached to a file. A watermark is embedded pixel data. The C2PA manifest can be stripped without altering the image itself.

Who uses C2PA?

Adobe, Microsoft, OpenAI, Google, Sony, Nikon, Leica, BBC, and The New York Times implement C2PA as of 2026.

Does C2PA detect AI content?

No. C2PA is a provenance standard. It records what tools created or edited a file, but cannot determine AI origin from an unsigned file.

Can C2PA credentials be removed?

Yes. The manifest is metadata. Stripping EXIF data or re-saving in a different format removes the credential. The underlying image remains unchanged.

Is C2PA mandatory under the EU AI Act?

Not directly. The EU AI Act requires labeling of AI-generated content. C2PA is one method to comply, but not the only one.

What this means for you

C2PA gives publishers, newsrooms, and creators a cryptographic way to prove where content came from and how it was edited. The standard is open, the tools are multiplying, and adoption is accelerating among camera makers and software platforms. It does not detect AI. It does not survive metadata stripping. It does not force participation.