Content Credentials (C2PA)
Open standard for cryptographic content provenance. A nutrition label for media — when it survives the trip.
What should journalists know about Content Credentials (C2PA)?
Content Credentials is the public-facing name for C2PA — the Coalition for Content Provenance and Authenticity, a Joint Development Foundation project hosting the open standard for cryptographic media provenance. Founding members include Adobe, Microsoft, Intel, BBC, Truepic, Sony, Publicis, with later additions from OpenAI, Google, Meta, and Amazon. The coalition has 500+ members and the broader Content Authenticity Initiative passed 5,000 in 2025. The standard attaches a signed manifest to an image or video describing how it was created and edited — what camera, what software, what edits, optionally who. Verifiers like verify.contentauthenticity.org read the manifest and show a tamper-evident chain of custody. The momentum is real: Leica M11-P (2023) and SL3-S shipped with built-in Content Credentials. Sony's PXW-Z300 became the first C2PA video camcorder in 2025 with BBC R&D validating workflows. Cloudflare became the first major CDN to preserve credentials at scale, covering roughly 20% of the web. Google added Content Credentials to Pixel 10. The Associated Press, BBC, NYT, and Reuters are all collaborators. The catch — and it is a big catch — is metadata stripping. Most social platforms (Facebook, Instagram, X, YouTube) strip metadata on upload, and so does WhatsApp, Telegram, Signal, and even saving to the iPhone camera roll. The content most in need of provenance is precisely the content most likely to lose it. RAND's June 2025 analysis warned that C2PA depends on end-to-end ecosystem compliance that doesn't yet exist. World Privacy Forum and a September 2025 Fortune investigation flagged a separate concern: provenance metadata can dox the creator, which matters for whistleblowers, activists, and journalists in authoritarian environments. Nikon's Z6 III C2PA firmware was suspended in 2025 after a signing-key vulnerability forced certificate revocation. Treat Content Credentials as a powerful upstream signal in editorial workflows — when you receive a credentialed file directly from a photographer or wire, it tells you something real. Don't expect it to survive the open web.
Verifying camera-original files received from staff photographers, freelancers, and wires. Documenting edit history inside Adobe and other CAI-integrated tools. Election observation and human rights documentation where chain of custody matters. Newsroom workflows that handle credentialed files end to end.
Verifying images pulled from social media — credentials are almost always stripped on upload. Protecting source identity when the creator should remain anonymous (manifests can leak identity). Treating presence-or-absence of credentials as a binary truth signal. Replacing reverse image search and contextual reporting.
Security & Privacy
Data is scrambled while being sent to their servers
Data is scrambled when stored on their servers
Where servers are located — affects which governments can request your data
Privacy policy summary
C2PA itself is a specification, not a service. Privacy depends on which implementation you use and what optional fields are populated. Manifests can include creator identity, location, device serial, edit history — much of it optional. Default Adobe Photoshop credentials can include name and edit list unless the user redacts. The verify.contentauthenticity.org service is operated by Adobe under Adobe's privacy terms.
How to protect yourself:
Before sharing a credentialed file, inspect the manifest with verify.contentauthenticity.org to see what identifying data is attached — name, location, device serial may all be present. Strip or redact identity fields when publishing on behalf of sources who need anonymity. Do not assume social-media versions of an image are the same file as the credentialed original; almost all platforms strip the manifest on upload. For high-stakes verification, treat the credential as one chain-of-custody signal alongside reverse image search, EXIF analysis, and direct contact with the photographer. Watch for revocations — Nikon Z6 III certificates were revoked in 2025 after a signing-key vulnerability.
The cryptography is sound and the standard is open and inspectable. The weakness is the ecosystem: metadata stripping on upload, optional identity fields that can dox creators, and recent certificate revocations show the trust chain is still maturing. Strong as a chain-of-custody signal inside controlled newsroom workflows. Limited as a public-facing truth signal until platforms preserve credentials end to end.
Who Owns This
Known issues
Metadata stripped by nearly all social platforms (Facebook, Instagram, X, YouTube) and messengers (WhatsApp, Telegram, Signal). Saving to iPhone camera roll destroys credentials. Nikon Z6 III C2PA firmware suspended in 2025 after signing-key vulnerability; certificates revoked. RAND June 2025 analysis warned end-to-end ecosystem compliance is unrealistic in an open web. World Privacy Forum and September 2025 Fortune investigation documented doxing risk for creators whose identity is automatically attached to manifests. Standard does not prevent forged content with technically valid manifests if a signing key is compromised.
Pricing
Free open standard. Implementation costs depend on the camera, software, or signing infrastructure used.
This is an editorial assessment based on publicly available information as of 2026-04-07, using our published methodology. Independent security review is pending. Security posture can change at any time. This is not a guarantee of safety.
Something wrong or outdated? Report it.