C2PA and media authentication: What you need to know
By Brandon Epstein
Key insights
- C2PA is an open technical standard for embedding cryptographically signed provenance data into media files. It is not a media authentication standard.
- Content credentials are most commonly used today by AI-generation tools, but their effectiveness depends entirely on being created at inception and preserved by every subsequent tool and platform that touches the file.
- The absence of a C2PA manifest does not indicate that a file is authentic or free of AI generation — credentials are easily stripped, and adoption across software and platforms remains limited.
- Digital investigators, examiners, and attorneys should understand C2PA’s current scope and limitations, as broader adoption will likely increase its relevance in legal proceedings.
If you’ve been working in media forensics or the larger digital evidence community in the past six months, chances are you’ve heard about C2PA Content Credentials and their role in authenticating digital media. In this article, we’ll explore what C2PA is, how it works, and its current function within the digital forensic community.
Spoiler alert: C2PA does a decent job of establishing media provenance in a very narrow set of circumstances, but its limitations matter. Here’s what you need to know.
What is C2PA?
The Coalition for Content Provenance and Authenticity (C2PA) was born in 2021 out of the Adobe-led Content Authenticity Initiative (CAI), with the goal of giving content creators (think news media organizations at that time) the ability to claim ownership of the content they created and build trust in the imagery they published.
Even before the words “deepfake” or “LLM” were household names, the ability to show provenance was needed by news media organizations around the world.
For example, a New York Times photographer could capture a picture of a protest, edit that picture in Photoshop, and ultimately publish that image to the New York Times website. A viewer could use embedded content credentials in that image to review its chain of custody — seeing that brightness had been increased, but no protestors had been added or removed.
The content credential (and the required digital infrastructure to create, edit, and read content credentials) would give readers context that the photo had been edited for contrast but nothing else, allowing them to build trust in the reporting.
C2PA does a decent job when a creator makes an active decision to tell the world that their content was created by AI — and when the C2PA signal is kept intact. In its current state, that is the extent of its value for digital evidence.
C2PA can’t tell you whether a file is authentic, whether it has been tampered with, or whether it is AI-generated if no credential was embedded or if the credential was stripped.
Nonetheless, C2PA is here to stay and will only grow in popularity. It’s still part of the media authentication conversation in the AI era, and is worth understanding by digital evidence investigators, examiners, and attorneys.
What is a content credential?
In simple terms, a content credential is a metadata tag embedded in a file that tells you about its origins — how it was created, how it was edited, and who was involved. The C2PA is intended to create “an open technical standard for publishers, creators, and consumers to establish the origin and edits of digital content.”
Digital forensic examiners and investigators are used to technical standards and specifications in our work: they standardize how we record and store data in a wide variety of applications, such as images, videos, documents, and databases. These differ from practice standards, like those developed by SWGDE, ASTM, and OSAC, which guide examiners and investigators on how to do things.
This is an important distinction: C2PA provides a standardized way to include provenance data within image, video, and audio files, but is not a standard on how to authenticate media.
C2PA works by specifying a way to embed a cryptographically signed block of data — a manifest — within a media file that stores an assertion about that file, like “this is the camera that created this file”. Essentially, it provides a standardized way for software or hardware to embed a piece of metadata into files with provenance information.
In its current deployment, a C2PA content credential starts at the point of capture, with a camera, cell phone, or generative AI platform, embedding the content credential at inception. Downstream, an editing tool like Photoshop reads that credential and adds the functions performed within the software, like contrast adjustments or cropping, to the manifest. When exported from Photoshop, the new manifest is embedded in the new file, including information about both the original capture and any subsequent editing. Once published online, a C2PA-aware website would then allow the consumer to view the content credential in a human-readable way and learn about the provenance of the media.
What are the challenges associated with C2PA?
The ability to have a detailed manifest, or chain of custody, of media sounds like a very promising way to build trust in files. So why is media authentication still a challenge?
The challenge exists because of the level of technical adoption that is required at every step in the lifecycle of a C2PA-enabled file.
The entire concept hinges on a C2PA manifest being created at the file’s inception, and then on continued technological support by every transmission, editing, or processing application that interacts with it. Each of those applications ultimately creates a new file and must be C2PA-aware to pass a new manifest into that file.
If the file is published to a website or other platform, that system also needs to be C2PA-aware and able to keep the manifest intact, recognize its presence in a file, validate it for accuracy, and transform the data into a viewable format for the end user. Even in its simplest form, it’s a complicated process that requires C2PA awareness across all touchpoints.
This works well when a news photographer knows they want to prove authenticity from the moment they pick up their camera. They can select a C2PA-compliant camera, enable C2PA features in their software, and post to their organization’s C2PA-compliant website.
Outside the news media space, it gets more complicated. Only a handful of cell phone manufacturers have included C2PA in their hardware, and the user must take action to enable it before capturing a photo or video — which is not easy to do in a critical incident.
Once captured, the file must pass only through messaging or transmission apps, or be posted only to social media sites, that do not re-encode the file or strip its metadata.
Even if one piece of software that does not support C2PA touches the file, the chain is broken and cannot be repaired.
Can I use C2PA to authenticate media?
Currently, the largest use of C2PA’s content credentials is with AI-generation tools, which embed content credentials at inception. As noted above, this can be helpful when a creator actively wants to disclose the use of AI in their imagery — but it does little outside that narrow scope. Coupled with the ease with which the content credentials can be removed, the absence of a C2PA content credential does not mean that an image is authentic or that it was not AI-created.
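The embedding described earlier and the caveat above can be seen in a small presence check. This is an added example, not code from the article or from any vendor tool: it assumes the JPEG case, where the manifest store is carried as a JUMBF box labelled `c2pa` inside APP11 segments, and the function names and the sample file are constructed for illustration. It only detects presence; validating the signature and claims still requires a C2PA validator.

```python
import struct

APP11, SOS, EOI = 0xEB, 0xDA, 0xD9   # JPEG markers; APP11 carries JUMBF boxes

def app11_jumbf_segments(jpeg: bytes):
    """Yield the body (after the 'JP' identifier) of each APP11 JUMBF segment."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(jpeg):
        marker = jpeg[pos + 1]
        if jpeg[pos] != 0xFF or marker in (SOS, EOI):
            return                    # image data starts: no more header segments
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2:
            raise ValueError(f"bad segment length at offset {pos}")
        body = jpeg[pos + 4:pos + 2 + length]
        if marker == APP11 and body[:2] == b"JP":
            yield body[2:]
        pos += 2 + length

def has_c2pa_manifest_store(jpeg: bytes) -> bool:
    """True if a JUMBF superbox labelled 'c2pa' is embedded in the file."""
    for seg in app11_jumbf_segments(jpeg):
        # seg: En(2) Z(4) | LBox(4) 'jumb' | LBox(4) 'jumd' UUID(16) toggles(1) label\0
        label = seg[39:].split(b"\x00", 1)[0]
        if seg[10:14] == b"jumb" and seg[18:22] == b"jumd" and label == b"c2pa":
            return True
    return False

def triage(jpeg: bytes) -> str:
    """Presence is a lead to validate; absence says nothing about authenticity."""
    if has_c2pa_manifest_store(jpeg):
        return "manifest-present: validate signature and claims with a C2PA validator"
    return "no-manifest: inconclusive, continue with other authentication signals"

def sample_jpeg(with_manifest: bool) -> bytes:
    """Constructed, non-renderable JPEG skeleton used only to exercise the parser."""
    uuid = bytes.fromhex("6332706100110010800000aa00389b71")  # box-type UUID, value not checked
    jumd = uuid + b"\x03" + b"c2pa\x00"
    jumd = struct.pack(">I", 8 + len(jumd)) + b"jumd" + jumd
    jumb = struct.pack(">I", 8 + len(jumd)) + b"jumb" + jumd
    body = b"JP" + struct.pack(">HI", 0x0211, 1) + jumb
    app11 = b"\xff\xeb" + struct.pack(">H", 2 + len(body)) + body
    app0 = b"\xff\xe0" + struct.pack(">H", 7) + b"JFIF\x00"
    return b"\xff\xd8" + app0 + (app11 if with_manifest else b"") + b"\xff\xda\x00\x02\xff\xd9"

if __name__ == "__main__":
    print([triage(sample_jpeg(flag)) for flag in (True, False)])
```

The two sample files differ only in the APP11 segment, so the second result shows why a missing manifest is reported as inconclusive rather than as evidence of authenticity.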
Effective media authentication requires the use of specialized tools like Magnet Verify. Verify was the first digital forensic software to support content credentials and gives users the ability to evaluate C2PA manifests alongside more than 100 other data points. The CAI’s Verify tool (no relation to Magnet Verify) will read C2PA content credentials but is limited to C2PA data only.
How does C2PA affect me?
Even though C2PA alone has little effect on media authentication today, it is still another data signal that can be evaluated as part of a complete authentication examination. C2PA is also almost certain to gain wider adoption in the coming years.
As C2PA matures, so will general awareness by the public and the courts — along with varying perceptions about its efficacy outside news media and in legal proceedings. It is important that digital investigators and examiners understand C2PA’s role so they can give appropriate weight to content credentials or, more likely, explain why a file does not contain a C2PA manifest.
C2PA is just one example of how conversations surrounding AI are changing the digital evidence landscape.
Brandon Epstein, Technical Forensics Specialist at Magnet Forensics, is a former police detective and co-founder of Medex Forensics, which Magnet acquired in 2024. Brandon specializes in AI and media authentication and is active in many digital forensic community organizations.