Blogpost4 min

What is C2PA?

What is C2PA?

We can no longer trust what we see online: AI-generated content is everywhere, whether it’s completely fabricated deepfakes or original images in which individual elements have been altered. These days, they’re indistinguishable from authentic content to the naked eye. The fact is, therefore, that we need a new foundation for digital trust.

AI detectors (“deepfake scanners”) rely on probabilities and models and can never provide a definitive verdict on the authenticity of content. Furthermore, AI models are constantly evolving and will be better tomorrow than today’s detectors. It’s a never-ending game of cat and mouse.

C2PA Appearance

C2PA - short for Coalition for Content Provenance and Authenticity - aims to address this problem. C2PA is an open standard driven by a consortium of leading tech companies, spearheaded by Adobe.

The C2PA concept: a kind of digital passport for media (images, videos, audio) - called a manifest - that is created at the time of capture and embedded within the media file. Every subsequent edit is documented in this passport, whether it’s an adjustment in Photoshop or video editing, for example. With a single click, consumers can verify: Who took this photo, how was it edited, and was AI used in the process?

So C2PA doesn’t search for forgeries after the fact; instead, it flips the script and certifies the original.

Is C2PA a cure-all?

So does C2PA solve the problem of deepfakes? In theory, yes, and it works well in closed ecosystems (for example, within media companies). In practice, however, there are several pitfalls:

  • C2PA is only effective if the C2PA manifest is created at the time the image is captured - that is, right in the camera. If it’s added later, a gap is created because it’s no longer possible to verify whether the image was manipulated beforehand. The average consumer doesn’t yet have a C2PA-capable smartphone that could close this gap.
  • Throughout the entire process chain, every subsequent edit must be documented in the C2PA manifest, even if an image is merely cropped. This requires the use of C2PA-compatible software at every step; otherwise, the manifest loses its validity. Apps that remove all metadata during upload (such as WhatsApp) also completely delete the C2PA manifest, breaking the chain.
  • An existing C2PA manifest alone does not prove the authenticity of the content, as the manifest itself could be forged. The consumer must be able to verify who issued the manifest’s digital signature and whether it is trustworthy: this is known as the “trust anchor.”

How TrustNXT Can Help

TrustNXT’s unique Trust technology addresses this issue and fills the gaps left by C2PA: We bring tamper-proof, authentic image capture to the end customer - without requiring any special devices or apps - and secure the transmission chain from the camera to your systems, guaranteed to be free of AI manipulation or Photoshop.

In addition, we answer the question of the image’s source and establish a clear link between the digital manifest, the exact camera sensor that took the image, and the real-world context.

For the world of manufacturing and automation, our Industrial C2PA portfolio also offers comprehensive solutions that extend the benefits of C2PA with components specifically tailored for industrial systems, establishing end-to-end trust.

Latest articles

How to find us

Want to learn more?