C2PA Standard: History, Promises and Structural Limitations

Every day, billions of digital assets are created, shared, and used to make decisions with real-world consequences: purchasing property based on photographs, publishing investigative reports based on video evidence, settling insurance claims documented with images. The fundamental question remains constant: is this content authentic? Does it faithfully represent what it claims to represent?

To address this question, the Coalition for Content Provenance and Authenticity (C2PA) was established in 2021 to develop an open technical standard designed to track digital provenance from creation to distribution. With over 6,000 members and affiliates as of January 2026, the C2PA specification has become the global reference for content authenticity. But the critical question persists: is this provenance metadata standard alone sufficient to guarantee that a piece of content is authentic?

The answer, supported by technical evidence and independent research, is no. C2PA is a necessary but structurally insufficient tool when used in isolation. The standard certifies the history of content, not its truth. To bridge this gap, C2PA must be combined with a forensic acquisition methodology that guarantees authenticity at the source: precisely the approach adopted by TrueScreen, the Data Authenticity Platform that combines C2PA content credentials with certified forensic acquisition.

What is C2PA and why was it created

C2PA is an open technical standard that defines how to embed verifiable provenance metadata within digital files. Its objective is to create a transparent chain of custody for images, video, audio, and documents, enabling anyone to verify who created content, with which tool, and what modifications it underwent over time.

The genesis: from CAI and Project Origin to the Coalition (2019-2021)

The story of C2PA begins in 2019, when Adobe launched the Content Authenticity Initiative (CAI), a consortium focused on building an attribution system for digital content. The insight behind CAI was that fighting disinformation could not rely solely on detecting fake content (a reactive approach destined to chase increasingly sophisticated forgery techniques), but had to start from certifying the origin of authentic content.

In parallel, Microsoft and BBC developed Project Origin, a research project aimed at combating media disinformation through provenance traceability. Project Origin focused specifically on the news sector, with the goal of creating a system enabling audiences to verify that an article, video, or image genuinely came from the outlet publishing it and had not been altered during distribution.

In February 2021, these two initiatives converged in the founding of the Coalition for Content Provenance and Authenticity. The founding members were five organizations representing different sectors of the digital ecosystem: Adobe (creative software), Arm (hardware architectures), BBC (media and broadcasting), Intel (semiconductors), and Microsoft (platforms and cloud). The decision to involve actors across the entire value chain, from hardware to software to media, reflected the understanding that a digital provenance system works only if the entire chain supports it.

The first official specification was released in January 2022. Since then, the standard has undergone progressive updates up to the current version, v2.2, released in May 2025, which introduced significant improvements in video manifest handling, compatibility with emerging formats, and support for cloud-based manifests that extend coverage to formats not supporting embedded metadata.

The decision to merge forces stemmed from the recognition that two parallel initiatives with overlapping objectives would fragment the ecosystem rather than strengthen it. A single open standard, governed by a multi-stakeholder consortium, had a greater chance of achieving the critical mass necessary to function in a global digital ecosystem.

How it works: manifests, digital signatures, and chain-of-custody

The core mechanism of the C2PA protocol is the manifest: a structured block of metadata embedded directly within the digital file. The manifest contains three fundamental categories of information:

  • Assertions: declarations about the content's provenance, including the creation tool, declared author, and actions performed on the file (cropping, resizing, filter application, AI generation).
  • Cryptographic signature: a digital signature based on X.509 certificates that binds the assertions to a verifiable identity and makes the manifest tamper-evident.
  • Content binding (hash): a digital fingerprint of the file that inseparably links the manifest to the specific content, preventing the same manifest from being applied to a different file.

When content is modified by a C2PA-compatible tool, a new manifest is added without deleting previous ones, creating a digital chain of custody that documents the file's entire history. This additive model is a deliberate architectural choice: preserving previous manifests enables reconstruction of the complete transformation timeline, from the moment of original capture to the latest modification.

An important aspect to understand is that the C2PA manifest does not modify the visible content of the file. A JPEG image with a C2PA manifest appears identical to one without: provenance metadata is incorporated in a data structure separate from the visual content. This means non-C2PA-compatible tools can continue to read and display the file normally, even though they will not be able to interpret the provenance metadata.

Who uses C2PA today

C2PA adoption has expanded from a small group of founders to an ecosystem that, as of January 2026, exceeds 6,000 members and affiliates. However, the level of implementation varies significantly between those who have integrated C2PA into their products operationally and those who have simply joined the coalition as supporters.

The founders: Adobe, Microsoft, Intel, BBC

Among the founders, Adobe has the most advanced implementation. Starting with Photoshop and Lightroom, Adobe has integrated automatic content credentials writing across all major Creative Cloud products, including Firefly, its AI image generator. Every piece of content created or modified with Adobe tools can include a C2PA manifest documenting the entire editing chain.

Microsoft has integrated C2PA support in Bing and Microsoft Designer, automatically labeling AI-generated content with content credentials. Intel contributes on the hardware front, working on chip-level implementations that can ensure cryptographic signing directly in silicon. The BBC has conducted experiments in news gathering, testing the provenance workflow from field capture to publication.

Adoption in 2026: from OpenAI to Google, from Sony to Nikon

The expansion of the C2PA ecosystem in 2025-2026 has seen the entry of key players across three strategic sectors:

| Sector | Organization | Implementation |
|---|---|---|
| Generative AI | OpenAI | Content credentials on images generated by DALL-E and ChatGPT |
| Generative AI | Google DeepMind | C2PA metadata on Imagen and Gemini outputs |
| Generative AI | Meta | Steering Committee member, AI labeling on Facebook and Instagram |
| Generative AI | Amazon | Steering Committee member, AWS integration |
| Hardware | Samsung | Galaxy S25: first smartphone with native C2PA camera support |
| Hardware | Sony | PXW-Z300: first professional video camera with C2PA for video |
| Hardware | Nikon | C2PA support in professional Z-series cameras |
| Hardware | Leica | M11-P: first camera with built-in content credentials |
| Platforms | LinkedIn | Content credentials display for images (with known limitations) |

Samsung's entry with the Galaxy S25 represents a turning point: for the first time, a consumer smartphone integrates C2PA signing directly into the native camera app, bringing the standard from the professional niche to the mass market. Sony's PXW-Z300 extends this logic to professional video, a sector where verifiable provenance is particularly critical for broadcast journalism and documentary production.

On the generative AI front, the participation of OpenAI, Google DeepMind, and Meta is significant because it addresses the side of the equation that generated the urgency for the C2PA specification in the first place: the ability to generate synthetic content indistinguishable from authentic media. These players commit to labeling their outputs with content credentials that explicitly declare the AI-generated nature of the content, providing a provenance trail that, at least in theory, accompanies the content from generation to distribution.

Content Credentials: the user-facing implementation of the standard

The term content credentials refers to the user-facing implementation of the C2PA standard. While C2PA defines the technical specification (manifest structure, cryptographic algorithms, metadata format), content credentials are what the end user sees: an icon, badge, or information panel showing content provenance.

The website contentcredentials.org, operated by Adobe's CAI, offers a public verifier where anyone can upload a file to examine its content credentials. This tool displays the manifest chain, associated signatures, and declared actions, making the content's history transparent.

However, as we will explore in the limitations section, the mere presence of content credentials does not guarantee that content is truthful: it only guarantees that the declared history is intact and signed by an identifiable entity. The distinction between "verifiable history" and "truthful content" is the critical node that determines the boundaries of what C2PA can and cannot do.

How the C2PA standard works technically

Understanding the technical mechanisms of C2PA is essential for evaluating both its value and its limitations. The standard operates on three interconnected levels: manifest structure, cryptographic system, and verification process.

The C2PA manifest: structure and content

A C2PA manifest is a structured data object in CBOR (Concise Binary Object Representation) format, embedded directly within the digital file according to container format specifications (JUMBF for JPEG, dedicated boxes for PNG, MP4, and other supported formats).

The manifest structure includes:

  • Claim: the core of the manifest, which declares a set of assertions about the content and binds them through a cryptographic signature.
  • Assertions: specific declarations. The most common include c2pa.actions (actions performed on content), stds.schema.org.CreativeWork (author information), and c2pa.hash.data (binary content hash).
  • Ingredient list: references to source content manifests, enabling provenance tracing even when multiple files are combined.
  • Signature: the cryptographic signature authenticating the entire claim.

The v2.2 specification supports both embedded manifests (incorporated within the file) and cloud-based manifests (stored on external servers and referenced via URL), to handle formats that do not support internal metadata or scenarios where the file must remain unaltered.

Cryptographic signatures and X.509 certificates

Every C2PA manifest is digitally signed using X.509 certificates, the same certificate system used for HTTPS and for qualified digital signatures under the eIDAS regulation. The signature serves two purposes: authenticating the signer's identity and guaranteeing manifest integrity (any post-signing modification invalidates verification).

The C2PA signing system relies on a hierarchical chain of trust: a certificate authority (CA) issues certificates to signers, and the verifier checks that the certificate is valid and issued by a recognized CA. However, as highlighted by Hacker Factor's analysis, the C2PA specification also permits self-signed certificates or certificates issued by CAs not included in official trust lists, creating a gray area where "anyone can sign anything" without the system preventing it.

This flexibility is intentional: it enables adoption even by small players and independent developers. But it introduces a fundamental risk: a manifest signed with an untrusted certificate has the same technical appearance as one signed by a verified organization, unless the verifier explicitly checks the trust list.

The verification process

Verification of C2PA content occurs in four steps:

  1. Manifest extraction: the verifier reads C2PA metadata from the file.
  2. Signature validation: the verifier checks that the cryptographic signature is valid and that the certificate was issued by a recognized CA.
  3. Integrity check: the content hash is recalculated and compared against the one declared in the manifest. If they don't match, content has been altered after signing.
  4. Chain analysis: ingredient manifests are examined to reconstruct the file's complete history.

The public verifier at contentcredentials.org performs all four steps and presents results in a readable format. Professional tools, such as those integrated into the TrueScreen platform, add an additional layer of forensic analysis that goes beyond simple technical validation of the manifest.
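The four verification steps listed above, together with the trust-list gap described in the previous section, can be shown in a short added example (not code from the C2PA project, the public verifier, or TrueScreen). It assumes a simplified manifest held in Python dictionaries and a toy RSA signature built from fixed primes in place of real CBOR and X.509 handling; every name, key and sample value is constructed for illustration.

```python
import hashlib
import json

E = 65537  # public exponent shared by the toy keys below


def make_key(p, q):
    """Toy RSA private key from two known Mersenne primes. Illustration only."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def _canonical(obj):
    return json.dumps(obj, sort_keys=True).encode()


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def fingerprint(cert):
    """Value the trust list is keyed on (stand-in for a certificate hash)."""
    return hashlib.sha256(_canonical(cert)).hexdigest()


def sign_manifest(content, actions, subject, key, ingredients=()):
    """Build a simplified manifest: claim + signer certificate + signature."""
    claim = {
        "assertions": {
            "c2pa.actions": actions,
            "c2pa.hash.data": hashlib.sha256(content).hexdigest(),
        },
        "ingredients": list(ingredients),
    }
    signature = pow(_digest(_canonical(claim), key["n"]), key["d"], key["n"])
    return {"claim": claim, "cert": {"subject": subject, "n": key["n"]},
            "signature": signature}


def signature_ok(manifest):
    """True when the claim is unchanged since it was signed with the embedded cert's key."""
    n = manifest["cert"]["n"]
    return pow(manifest["signature"], E, n) == _digest(_canonical(manifest["claim"]), n)


def walk_chain(manifest, trust_list):
    """Step 4: (signer, signature valid, signer trusted) for a manifest and its ingredients."""
    cert = manifest["cert"]
    chain = [(cert["subject"], signature_ok(manifest), fingerprint(cert) in trust_list)]
    for ingredient in manifest["claim"]["ingredients"]:
        chain.extend(walk_chain(ingredient, trust_list))
    return chain


def verify(content, manifest, trust_list):
    """Return (verdict, chain). Only 'trusted' means a recognized signer."""
    if manifest is None:                                   # step 1: extraction
        return "no_manifest", []
    if not signature_ok(manifest):                         # step 2: signature
        return "signature_invalid", []
    declared = manifest["claim"]["assertions"]["c2pa.hash.data"]
    if declared != hashlib.sha256(content).hexdigest():    # step 3: integrity
        return "content_mismatch", []
    chain = walk_chain(manifest, trust_list)               # step 4: chain
    if not all(valid for _, valid, _ in chain):
        return "ingredient_signature_invalid", chain
    # The trust decision is reported separately from signature validity.
    return ("trusted" if chain[0][2] else "valid_but_untrusted"), chain


def demo():
    """Constructed scenario: one recognized signer, one self-signed editor."""
    camera_key = make_key(2**61 - 1, 2**89 - 1)
    editor_key = make_key(2**107 - 1, 2**127 - 1)
    photo = b"constructed image bytes"
    edited = b"constructed image bytes, cropped"
    m_camera = sign_manifest(photo, ["c2pa.created"], "Example Camera Co", camera_key)
    m_edit = sign_manifest(edited, ["c2pa.cropped"], "Self-signed editor",
                           editor_key, ingredients=[m_camera])
    trust_list = {fingerprint(m_camera["cert"])}           # constructed trust list
    changed = json.loads(json.dumps(m_camera))             # deep copy
    changed["claim"]["assertions"]["c2pa.actions"] = ["c2pa.edited"]
    return {
        "original": verify(photo, m_camera, trust_list),
        "self_signed_edit": verify(edited, m_edit, trust_list),
        "bytes_changed": verify(photo + b"!", m_camera, trust_list),
        "claim_changed": verify(photo, changed, trust_list),
        "stripped": verify(photo, None, trust_list),
    }


if __name__ == "__main__":
    for case, (verdict, chain) in demo().items():
        print(f"{case:18} {verdict:22} {chain}")
```

The self-signed edit passes signature and integrity checks and differs from the recognized signer only in the final trust-list lookup, which is why a verifier has to surface that result as its own state.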

How C2PA differs from EXIF metadata

Traditional EXIF metadata records basic capture parameters such as camera model, aperture, and GPS coordinates, but it offers no cryptographic protection. EXIF data can be edited or stripped by any image editor without detection, making it unreliable for provenance verification. C2PA addresses this gap by wrapping provenance data in a cryptographically signed manifest that uses SHA-256 hashes and X.509 digital certificates. While EXIF records "what settings were used," C2PA records "who created this file, with what tool, and what edits were made" in a tamper-evident format. However, C2PA does not replace EXIF: the two standards are complementary, with C2PA manifests often incorporating EXIF data as assertions within the manifest structure. The key distinction is verifiability: altering any byte of a C2PA-signed file invalidates its cryptographic hash, while EXIF modifications leave no trace.

The structural limitations of C2PA

Despite the standard's value as foundational infrastructure for digital provenance, the C2PA protocol presents structural limitations that compromise its effectiveness as a standalone solution for content authenticity. These limitations are not bugs to be fixed in future versions: they are architectural consequences of the standard's design choices.

Metadata stripping: what happens when platforms remove metadata

The most immediate and widespread limitation of C2PA is metadata loss during distribution. When an image with content credentials is shared on a platform that reprocesses files (compression, resizing, format conversion), C2PA metadata is typically stripped away.

The RAND Corporation, in an analysis published in June 2025 titled "Overpromising on Digital Provenance and Security", highlights that "the success of C2PA depends on end-to-end compliance by all elements of the ecosystem, but in an open ecosystem this is unrealistic." A simple screenshot eliminates any trace of provenance. An upload to a social media platform that recompresses images produces the same result. Format conversion using non-compatible tools erases the manifest entirely.

This creates an operational paradox: content that most needs verifiable provenance (content shared virally on social media) is precisely the content most likely to lose its C2PA metadata during distribution.

Proposed solutions, such as cloud-based manifests or complementary imperceptible watermarking, mitigate the problem but do not solve it. Cloud manifests require the server to be reachable and the file reference to survive reprocessing. Imperceptible watermarking has its own limitations in terms of robustness and information capacity.

This is why platforms like TrueScreen, the Data Authenticity Platform, pair C2PA Content Credentials with forensic acquisition records stored in an independent attestation database that persists even when platform processing strips the original metadata.

The scale of the problem becomes evident when analyzing the typical flow of viral content: an image with content credentials is published on a website, shared on Twitter (which recompresses the image stripping metadata), screenshotted by a user, shared on WhatsApp (further recompression), and finally republished on a blog. At each step, the probability of C2PA metadata survival decreases dramatically. By the end of the chain, the content reaching the widest audience is almost certainly devoid of any provenance trace.
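To find where in such a chain the credentials disappear, a pipeline can check each stage's output for the embedded manifest store. The following added example (not code from this page or from any C2PA tool) scans a JPEG's header segments for APP11 packets carrying a JUMBF box labelled c2pa, assuming the JPEG XT APP11 packet layout; the sample files are constructed placeholders, and the check reports presence only, not validity.

```python
import struct

SOS, EOI, APP11 = 0xDA, 0xD9, 0xEB


def iter_segments(jpeg: bytes):
    """Yield (marker, payload) for each header segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker == 0xFF:            # fill byte before a marker
            pos += 1
            continue
        if marker in (SOS, EOI):      # metadata segments end here
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("truncated segment")
        yield marker, jpeg[pos + 4:pos + 2 + length]
        pos += 2 + length


def jumbf_boxes(jpeg: bytes):
    """Reassemble APP11 packets into boxes keyed by (instance number, box type)."""
    packets = {}
    for marker, payload in iter_segments(jpeg):
        # Assumed layout: "JP", instance (2 bytes), sequence (4), LBox (4), TBox (4), data
        if marker != APP11 or len(payload) < 16 or payload[:2] != b"JP":
            continue
        instance, seq = struct.unpack(">HI", payload[2:8])
        box_type, data = payload[12:16], payload[16:]
        packets.setdefault((instance, box_type), []).append((seq, data))
    return {key: b"".join(d for _, d in sorted(parts))
            for key, parts in packets.items()}


def has_c2pa_store(jpeg: bytes) -> bool:
    """True when a JUMBF superbox with a description box labelled 'c2pa' is present."""
    return any(box_type == b"jumb" and b"jumd" in data and b"c2pa" in data
               for (_, box_type), data in jumbf_boxes(jpeg).items())


def first_stage_without_manifest(stages):
    """stages: ordered (name, jpeg bytes) pairs. Return the first stage that lost the store."""
    for name, data in stages:
        if not has_c2pa_store(data):
            return name
    return None


def _segment(marker, payload):
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


def sample_jpeg(with_manifest: bool) -> bytes:
    """Constructed header-only JPEG. The 'manifest store' is a placeholder, not a valid one."""
    out = b"\xff\xd8" + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    if with_manifest:
        jumd = b"jumd" + bytes(16) + b"\x03c2pa\x00"   # placeholder type UUID, label "c2pa"
        content = struct.pack(">I", len(jumd) + 4) + jumd + b"<placeholder manifest store>"
        header = struct.pack(">I", len(content) + 8) + b"jumb"
        half = len(content) // 2
        # Split across two packets so the reassembly path is exercised.
        for seq, chunk in enumerate((content[:half], content[half:]), start=1):
            out += _segment(APP11, b"JP" + struct.pack(">HI", 1, seq) + header + chunk)
    return out + _segment(SOS, bytes(10)) + b"\x00\xff\xd9"


# Constructed stand-ins for one image as it moves through a distribution chain.
STAGES = [
    ("published", sample_jpeg(True)),
    ("social_upload", sample_jpeg(False)),
    ("messaging_forward", sample_jpeg(False)),
]

if __name__ == "__main__":
    for name, data in STAGES:
        print(f"{name:18} manifest store present: {has_c2pa_store(data)}")
    print("first stage without manifest:", first_stage_without_manifest(STAGES))
```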

The trust problem: C2PA certifies history, not truth

This is the most important conceptual limitation of C2PA, and the least understood. The standard certifies that content was created by a specific tool, signed by a specific entity, and underwent specific modifications. It does not certify that the content faithfully represents reality.

A concrete example: a photograph taken with a C2PA-compatible device will have a perfectly valid manifest declaring "captured with camera X at time Y in location Z." But C2PA does not verify that the photographed subject is what the author claims it to be. A staged photo, a forged document photographed with a certified device, a reconstructed scene: all produce technically impeccable C2PA manifests.

This limitation is particularly relevant in legal disputes and insurance verification. An adjuster who documents non-existent damage with a C2PA-compatible camera produces digital evidence with perfectly valid manifests. An individual who photographs a forged document with a Samsung Galaxy S25 generates a file with technically impeccable content credentials. In both cases, C2PA faithfully certifies the file's history, but that history says nothing about the truthfulness of the photographed subject.

As the RAND Corporation emphasizes, "C2PA signing tools do not verify that metadata is accurate." The manifest attests that tool X declared certain information, not that the information is true. This distinction is critical in high-stakes contexts such as legal proceedings, investigative journalism, or insurance assessment, where the truth of content matters more than its technical history.

Privacy and doxing: the risk of exposing the creator's identity

An often-overlooked aspect of C2PA concerns its privacy implications. Content credentials, by design, embed information about the creator's identity: name, organization, digital certificate, and potentially precise geolocation data and timestamps.

An investigation by Fortune published in September 2025 revealed that "Big Tech sees C2PA as a way to combat deepfakes, but the standard puts user privacy on the line." The concrete risk is doxing: the non-consensual exposure of a content creator's identity through provenance metadata. For journalists operating in authoritarian contexts, whistleblowers, activists, and domestic violence survivors, the automatic association between content and identity can have severe consequences.

The World Privacy Forum published a comprehensive technical analysis in 2025 on privacy, identity, and trust in C2PA, highlighting the structural tension between provenance transparency and identity protection. Proposed solutions, such as pseudonymous certificates, exist in the specification but are rarely implemented in practice.

Forgery: how the standard can be circumvented (documented cases)

The most alarming limitation of C2PA concerns the possibility of creating forged content with technically valid manifests. These are not theoretical vulnerabilities: they have been publicly demonstrated.

As documented by Hacker Factor, during a C2PA webinar it was demonstrated that authenticated forgeries can be created in minutes using standard tools. The fundamental problem is that C2PA does not impose constraints on who can sign what: anyone can obtain a certificate and sign any content with any set of metadata. The worst-case scenario described by Hacker Factor is particularly troubling: forged content with a valid C2PA manifest is presented as evidence in court. The defendant cannot prove the content is fake because the C2PA system shows "no evidence of tampering."

Another documented case involves LinkedIn, which implemented content credentials support but with problematic results: date display bugs for C2PA certificates and failure to show the Content Credentials logo despite valid C2PA metadata being present in the file. These episodes demonstrate that even implementation by major platforms presents significant issues.

The core of the problem is structural: C2PA operates as a history notarization system, not as a truth verification system. A notary certifies that a document was signed by a person, not that the document's content is true. Similarly, C2PA certifies that a manifest was created by an identifiable entity, not that the assertions in the manifest correspond to reality.

Bad actors can also undermine trust in the system indirectly: obviously real and authentic content can have invalid or entirely absent C2PA metadata simply because it left the compatible ecosystem during processing. If users and platforms begin treating the absence of C2PA as a signal of suspicion, a system emerges where perfectly legitimate content is penalized, while forged content with valid manifests is erroneously considered trustworthy.

The cost barrier: C2PA certificates and the Trust List

Beyond technical vulnerabilities, the C2PA specification imposes a significant economic barrier to entry. Signing content with a manifest that verifiers will recognize as trusted requires X.509 certificates issued by Certificate Authorities (CAs) included in the official C2PA Trust List. Currently, obtaining such a certificate from a provider like DigiCert costs approximately $289 per year.

Unlike the web TLS ecosystem, where Let's Encrypt democratized access to HTTPS by providing free certificates, no equivalent exists for C2PA. There is no free or low-cost path for an independent creator, freelance journalist, or small organization to obtain a C2PA signing certificate recognized by the Trust List. This means that while anyone can technically sign content with a self-signed certificate, only organizations willing to pay annual fees will produce manifests that verification tools display as "trusted."

The governance structure of the Trust List introduces a further concern. The list of recognized Certificate Authorities is controlled by a relatively small group of companies within the C2PA coalition. This creates a gatekeeping dynamic where a handful of organizations determine who can participate as a trusted signer in the provenance ecosystem. For a standard that aspires to universal adoption, this centralized control over trust creates a structural tension: the very organizations that stand to benefit most from C2PA adoption also control who is allowed to sign content with recognized credentials.

This cost barrier has practical consequences for mass adoption. Citizen journalists documenting events in real time, independent photographers building a portfolio, small newsrooms in developing countries: all are effectively excluded from the "trusted" tier of the C2PA ecosystem unless they can justify a recurring annual expense for certificate maintenance. The result is a two-tier system where well-funded organizations produce "trusted" content credentials while independent creators produce manifests that verifiers flag as unrecognized or untrusted.

C2PA and regulation: the EU AI Act and beyond

The European and international regulatory landscape is converging toward mandatory transparency for content generated or modified by artificial intelligence. The C2PA specification positions itself as one of the reference technologies for meeting these obligations, but regulation itself acknowledges it is not sufficient as a standalone solution.

The EU AI Act, in Article 50, establishes transparency obligations for AI-generated content that will be fully applicable from August 2, 2026. Providers of AI systems that generate synthetic content (images, audio, video, text) must ensure that outputs are marked in a machine-detectable manner as artificially generated.

Solutions like TrueScreen enable organizations to meet EU AI Act transparency obligations through a dual approach: C2PA Content Credentials for machine-readable provenance marking, combined with forensic attestation for legally admissible proof of content origin.

The Code of Practice for marking and labeling AI-generated content, whose second draft was published on March 3, 2026, and whose final draft is expected in June 2026, explicitly adopts a multi-layer approach:

  • Metadata embedding (C2PA): embedding provenance metadata within the file.
  • Imperceptible watermarking: digital watermark resistant to common manipulations.
  • Logging: centralized recording of generation and modification events.

The European Commission's choice to prescribe a multi-layer approach is significant: it implicitly acknowledges that C2PA metadata alone is not enough. As highlighted in the Code of Practice, metadata is "easily removable through screenshots, social media uploads, or file conversion." Complementary mechanisms that survive metadata loss are essential.

Under the eIDAS regulation, which establishes the framework for electronic identification and trust services across the European Union, digital signatures and qualified electronic seals have established legal recognition. C2PA uses X.509 certificates compatible with eIDAS, but a C2PA signature alone does not constitute a qualified digital signature under eIDAS: it lacks the requirement of certain identification of the signer through a qualified trust service provider.

In the United States, the Federal Rules of Evidence (particularly Rules 901 and 902) govern the authentication of digital evidence. While C2PA metadata may serve as supporting evidence, courts generally require additional authentication measures. The mere presence of a C2PA manifest would not, on its own, satisfy the authentication requirements for admissibility of digital evidence in federal proceedings.

For organizations operating in regulated sectors (financial services, insurance, healthcare, legal), compliance with the EU AI Act and applicable national regulations requires an approach that goes beyond C2PA implementation alone, integrating certification systems with recognized evidentiary value.

The eIDAS 2.0 regulation, which entered into force in 2024, further strengthens this framework by introducing the European Digital Identity Wallet and new categories of trust services. In this context, C2PA signing alone does not satisfy the identification and non-repudiation requirements stipulated for digital transactions within Europe. Organizations requiring digital evidence with legal standing must integrate C2PA with certification systems that meet eIDAS requirements and applicable national regulations.

Why C2PA alone is not enough: the role of forensic methodology

The limitations documented in previous sections do not render C2PA useless: they render it insufficient as a standalone solution. The distinction is fundamental. C2PA is excellent infrastructure for provenance traceability, but it requires a complementary layer that certifies authenticity at the source, before content enters the digital ecosystem.

C2PA certifies history, forensic methodology certifies the source

The fundamental difference between the C2PA protocol and a forensic acquisition system is the point of intervention in the value chain.

| Characteristic | C2PA (Content Credentials) | Forensic methodology (e.g. TrueScreen) |
|---|---|---|
| What it certifies | Content history (who, when, how) | Source authenticity (content faithfully represents reality at the moment of acquisition) |
| Point of intervention | Post-creation (signing after capture) | At the moment of capture (controlled acquisition) |
| Trust model | Trust in the tool and signer | Trust in the methodology and chain of custody |
| Forgery resistance | Anyone can sign any content | Acquisition from controlled source, not replicable |
| Evidentiary value | Limited (certifies history, not truth) | High (forensic acquisition with legal validity) |
| Metadata survival | Fragile (lost with screenshots, recompression) | Independent from file (separate certification) |
| Creator privacy | Risk of identity exposure | Controlled management of identifying information |

Forensic methodology operates on a different principle: it does not merely sign existing content, but controls the acquisition process itself. TrueScreen, for example, acquires content directly from the source (device camera, web page, chat, document) ensuring that no manipulation occurred between the moment of capture and certification. The result is content with a dual guarantee: technical provenance (C2PA) and source authenticity (forensic methodology).

The difference is analogous to that between a surveillance system and an expert witness. C2PA is the surveillance system: it records what passes in front of the camera, but it cannot know whether the scene was staged. Forensic methodology is the expert who verifies the conditions of the scene, checks for signs of manipulation, and certifies that what is seen corresponds to what actually occurred. Both are useful, but neither is sufficient alone: the combination of both approaches provides a level of assurance greater than the sum of its parts.

The combined approach: Content Credentials + forensic acquisition

TrueScreen's C2PA integration exemplifies the combined approach. The platform operates on both fronts:

  • Reading and validation: TrueScreen reads and validates C2PA manifests already present in incoming files, extracting and displaying the full chain of provenance claims (creator identity, tool used, subsequent modifications) to help users assess content trustworthiness before certification.
  • Writing: TrueScreen writes C2PA-compliant manifests into certified content, embedding standardized provenance metadata that any C2PA-compatible viewer, platform, or verification tool can independently read and validate.
  • Forensic acquisition: in parallel, the TrueScreen app ensures content was acquired in a controlled manner, with a chain of custody that begins at the source rather than at the first editing tool.

This approach resolves the main limitations of C2PA in isolation:

  • Metadata stripping becomes less critical because forensic certification exists independently of the manifest embedded in the file.
  • The trust problem is mitigated because forensic methodology certifies authenticity at the source, not just the declared history.
  • Privacy is managed in a controlled manner, with the user deciding which identifying information to include in the certification.
  • The forgery risk is reduced because forensic acquisition prevents manipulated content from being certified as authentic.

Use cases: journalism, insurance, legal proceedings

The combined C2PA + forensic acquisition approach finds concrete application in three domains where content authenticity has direct consequences:

Journalism: a photojournalist in the field uses a C2PA-enabled device to capture images. The manifest certifies the image was taken with that camera, at that time, in that location. But for the news organization, the C2PA manifest alone is not sufficient to prove the photographed scene is real and not staged. Forensic acquisition adds the verification layer that connects content to reality.

Insurance: a claims adjuster documents damage with photos and video. C2PA content credentials attest that images are original and unretouched. But the insurance company needs to know that photos genuinely represent the declared damage, taken at the indicated location and time, without the possibility of staging. Certified acquisition with TrueScreen provides this guarantee.

Legal proceedings: in court, the mere presence of a C2PA manifest is not sufficient to confer evidentiary value on digital content. The judge must be able to rely on a recognized acquisition methodology that guarantees content integrity from source to case file. A system combining C2PA content credentials with certified forensic acquisition provides a significantly higher level of assurance, meeting the authentication requirements established by the Federal Rules of Evidence (Rules 901-902) and equivalent frameworks across jurisdictions.

FAQ: Frequently Asked Questions About C2PA

What is C2PA and what does it do?

C2PA (Coalition for Content Provenance and Authenticity) is an open technical standard that enables embedding verifiable provenance metadata within digital files. It tracks who created content, with what tool, and what modifications it underwent. Founded in 2021 by Adobe, Arm, BBC, Intel, and Microsoft, the coalition now counts over 6,000 members as of January 2026.

What is the difference between C2PA and content credentials?

C2PA is the technical specification defining how digital provenance metadata works. Content credentials are the user-facing implementation of C2PA: the icons, badges, and information panels that show end users a piece of content's provenance. In short, C2PA is the standard; content credentials are the interface.

What is the difference between C2PA and CAI?

CAI (Content Authenticity Initiative) is an Adobe-led community of over 6,000 members that promotes adoption of content provenance technology. C2PA (Coalition for Content Provenance and Authenticity) is the technical standards body that develops the actual specification. CAI advocates for the technology and builds open-source tools, while C2PA defines how provenance metadata is structured, signed, and verified. In practice, CAI members implement the C2PA standard in their products.

Can C2PA detect deepfakes?

No. C2PA does not detect deepfakes or classify content as real or fake. It is a provenance standard that records the history of a digital file: who created it, with what tool, and what edits were applied. A deepfake generated by an AI tool that implements C2PA will carry a valid manifest stating it was created by that AI tool. The distinction is critical: C2PA provides transparency about origin, while detecting manipulation requires separate analysis. Organizations seeking both provenance tracking and authenticity verification can combine C2PA Content Credentials with forensic acquisition methodology.

Can C2PA be forged?

Yes. As documented by Hacker Factor, it is possible to create forged content with technically valid C2PA manifests. The standard does not prevent anyone from signing any content with any set of metadata. This is why C2PA alone is not sufficient as proof of authenticity: an additional layer of forensic verification is needed.

Do C2PA content credentials survive social media sharing?

In most cases, no. The majority of social media platforms recompress and reformat uploaded images, stripping C2PA metadata in the process. A screenshot completely eliminates any trace of provenance. Some platforms are implementing solutions to preserve content credentials, but adoption remains limited and inconsistent.

What happens to C2PA when you take a screenshot?

A screenshot completely removes all C2PA metadata. The screenshot application creates a new image file that contains no reference to the original's provenance manifest. This is one of the most significant practical limitations of C2PA and a primary reason why the EU AI Act's Code of Practice recommends combining metadata-based approaches with imperceptible watermarking.
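The stripping described in the two answers above can be checked for directly. The following is an added example, not code from TrueScreen or the C2PA project: it walks a JPEG's header segments and reports whether an APP11 JUMBF packet labelled `c2pa` is still present, which is where the C2PA specification embeds the manifest store in JPEG files. It tests presence only and validates no signature; the two sample files are constructed byte strings, and all function and variable names are assumptions.

```python
import struct

APP0, APP11, SOS, EOI = 0xE0, 0xEB, 0xDA, 0xD9

def jpeg_segments(data: bytes):
    """Yield (marker, payload) for each header segment before start-of-scan."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker in (SOS, EOI):
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("truncated or malformed segment")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length

def c2pa_status(data: bytes) -> str:
    """Return 'c2pa-manifest', 'other-jumbf' or 'no-manifest' (presence only)."""
    status = "no-manifest"
    for marker, payload in jpeg_segments(data):
        # APP11 JUMBF packet layout: "JP", En(2), Z(4), LBox(4), TBox(4), box data
        if marker == APP11 and payload[:2] == b"JP" and payload[12:16] == b"jumb":
            if b"c2pa" in payload[16:]:
                return "c2pa-manifest"
            status = "other-jumbf"
    return status

def seg(marker: int, payload: bytes) -> bytes:
    """Build one marker segment; used only for the constructed samples below."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: no real image data or manifest inside, UUID is a zeroed placeholder.
JUMD = struct.pack(">I4s", 30, b"jumd") + bytes(16) + b"\x03" + b"c2pa\x00"
PACKET = b"JP" + struct.pack(">HI", 1, 1) + struct.pack(">I4s", 8 + len(JUMD), b"jumb") + JUMD
JFIF = seg(APP0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
TAIL = seg(SOS, b"") + b"\xff\xd9"
SIGNED = b"\xff\xd8" + JFIF + seg(APP11, PACKET) + TAIL
RECOMPRESSED = b"\xff\xd8" + JFIF + TAIL  # stand-in for a platform re-encode or screenshot

if __name__ == "__main__":
    for name, blob in (("signed", SIGNED), ("recompressed", RECOMPRESSED)):
        print(name, c2pa_status(blob))
```

A `no-manifest` result says only that the embedded credentials are gone, not that the content was altered, which is why an intake pipeline should record it as "provenance unknown" rather than as a failure.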

How much does a C2PA certificate cost?

C2PA signing requires X.509 certificates from Certificate Authorities recognized in the C2PA Trust List. Current costs start at approximately $289 per year for a DigiCert certificate. Unlike web TLS certificates, which benefit from free services like Let's Encrypt, there is currently no free C2PA certificate option. This cost barrier limits adoption among independent creators and smaller organizations.

Is C2PA legally required?

Not directly, but the EU AI Act (Article 50) imposes transparency obligations for AI-generated content starting August 2, 2026. The European Code of Practice includes C2PA among recommended technologies for synthetic content marking, but prescribes a multi-layer approach combining metadata embedding, imperceptible watermarking, and logging.

Protect the Authenticity of Your Digital Content

TrueScreen combines C2PA content credentials with certified forensic acquisition to ensure provenance and legal value for your data.
