Jump to

Content Credentials (C2PA)

What are Content Credentials (C2PA)?

Content Credentials are tamper-evident provenance metadata attached to media files under the C2PA (Coalition for Content Provenance and Authenticity) standard. They record, in a cryptographically signed manifest, how a file was created and modified — including whether generative AI was used, by which tool, and what edits followed. Major model providers, camera makers and creative suites ship C2PA support, making it the de facto infrastructure for the AI Act’s Article 50 machine-readable marking duty.

What they are not

  • Not a visible label — deepfake disclosure still needs UI-level labelling;
  • Not unremovable — stripping metadata breaks the chain, which is why platforms’ preserve-or-strip decisions carry legal weight;
  • Not proof of truth — they authenticate provenance, not accuracy.

Implementation notes

Sign at generation time; preserve through your pipeline; surface verification where users need it. For generation products serving the EU, credential support plus visible labels is the pragmatic August 2026 package.