C2PA under the microscope: What can the standard do and what are its limitations?

Anne Patzer
May 21
6 min read

Photorealistic landscape format shot: on the left, a stack of transparent acrylic cards with a stylized mountain image and the green label “Verified,” on the right, an upright black glass plate with a white fingerprint icon on a discreet pixel grid—symbolizing metadata verification versus pixel forensics.

At a time when image manipulation and fake content are increasingly challenging the authenticity and trustworthiness of digital media, the need for robust solutions to verify and ensure the authenticity of digital content is growing exponentially. We at VAARHAFT are also continuously working at a rapid pace on solutions to make the credibility of digital content verifiable and prevent image-based fraud. In addition to our own solutions, we would also like to shed light on other complementary approaches that can expand the landscape of digital authenticity. Currently, the C2PA standard of the Content Authenticity Initiative (CAI), among others, is being widely discussed as a promising solution and its applicability is being evaluated. In this blog post, we have therefore taken a closer look at the standard and would like to provide a thorough understanding of the C2PA standard, explore its limitations, and explain why VAARHAFT's solution remains indispensable in the fight against image fraud.

What is the goal of the CAI?

The Content Authenticity Initiative (CAI) is a coalition that, among other things, promotes the C2PA standard. It aims to bring trust and transparency to the creation, distribution, and consumption of digital content. To this end, it promotes the development of tools and open standards that enable the verification of the authenticity and provenance of digital media. The CAI is supported by media organizations and renowned organizations from a wide range of industries, such as Adobe, the BBC, The New York Times, and Twitter.

Decryption of the C2PA standard

The C2PA standard ( Coalition for Content Provenance and Authenticity ) is an open technical standard that enables media organizations and companies, for example, to embed verifiable metadata in their media in order to authenticate their origin and subsequent processing steps and to secure associated information.

When a photo is taken with a camera that supports the C2PA standard, the image is first bound and sealed with metadata, such as the location and time of capture, as well as information about the authorship. The photo and the source information are thus cryptographically sealed and inseparable from the image. Each subsequent editing step is immutably appended to the image with another layer. These "content credentials" then allow consumers and platforms to track and verify information about the creator, the date of creation, the editing history, or the editing tools used .

Step 1:

Diagram of a three-layer stack graphic: the top layer shows the original photo, below it a yellow stripe with provenance information and below that a red stripe with the digital signature, each with yellow lines and English labels. — *Image from* *https://c2pa.org/*

Step 2:

Illustration of a semi-transparent cube containing a multi-layered photo; on the right, a yellow arrow labeled 'manifest' points to the combined layers. — *Image from* *https://c2pa.org/*

Step 3:

Graphic of a browser window with a stylized mountain and sun image; a yellow arrow marks an info badge labeled 'content credentials'. — *Image from* *https://c2pa.org/*

Initiated by the CAI, this standard creates a first solid approach to restoring trust and security in digital media and protecting the authorship of an image. Companies such as Adobe, Google, and OpenAI have already integrated the standard to promote a standard for "tamper-proof" metadata. As of April 12, 2024, images generated with OpenAI's ChatGPT on the web and the API for the GPT-4o model will also receive these C2PA credentials. Camera manufacturer Leica has also integrated the standard into its M11-P camera as a seamless authentication technology, thus enabling images to be protected with content credentials as soon as they are captured. This first approach aims to combat the growing distrust in digital content by drawing a clear and traceable line between original content and modified versions. It's about strengthening the accountability of content creators while giving consumers the tools to better understand changes to the content they consume.

Screenshot of the content credential viewer: a damaged car bumper appears twice in a tree diagram; left column shows file list, right column shows detailed metadata (created with ChatGPT, issued by OpenAI). — *Representation of the content credentials of an image from OpenAI.*

Where the C2PA standard reaches its limits

However, despite its strengths in tracking an image's editing history and protecting authorship, the C2PA standard has clear limitations: On its own, it cannot solve the problem of manipulated images and targeted disinformation.

Content credentials can easily be removed in various ways—whether unintentionally or intentionally. Even uploading to social networks or simply taking a screenshot completely deletes the metadata. As a result, it's still possible for images without C2PA markings to be circulating, generated or edited using artificial intelligence (including Adobe Firefly and GPT-4o). Conversely, even credible images can quickly lose the credentials they are supposed to protect.

Ideally, only images with intact C2PA credentials would be accepted. However, this requires that this standard be so widely accepted and adopted globally that it is implemented and applied by all camera manufacturers, smartphone producers, and content creators, thus enabling every user or customer to add these credentials to their own images. The widespread adoption of this standard requires widespread adoption, which is highly unrealistic in the short term. As long as both real and manipulated images are circulating without C2PA verification, complete trust in the standard remains risky, especially for companies that receive images from private customers and from a wide variety of sources.

Screenshot of the Content Credential Viewer: Adobe Firefly-generated image of a cracked smartphone, metadata on the right lists Firefly as an AI tool and marks the image as AI-generated; in the middle, a tree diagram with an empty placeholder for subsequent steps. — *Generated image from Adobe Firefly WITH Content Credentials*

Screenshot of the Content Credential Viewer: AI image of a cracked smartphone on asphalt, marked on the left as a file without existing credentials, on the right a thumbnail with the note 'No Content Credential' — *Screenshot of the same generated image from Adobe Firefly WITHOUT Content Credentials,* *because they were lost in the screenshot.*

Furthermore, the C2PA standard does not verify whether the original image is authentic. Already manipulated content can therefore be tagged with valid metadata and subsequently falsely presented as authentic. For example, if a fraudulent person photographs an AI-generated image with a C2PA-enabled Leica camera, this artificially generated scene also receives valid content credentials and thus undeserved trust. Due to this lack of source protection, the standard currently remains vulnerable to misuse.

Another limitation of the standard is that it cannot prevent certain forms of image fraud, such as contextual misrepresentation. While the standard confirms the integrity and origin of the file, it does not provide any information about whether the image is being used in a misleading or deceptive context.

The standard is therefore not a panacea for the growing loss of trust in digital images. Nevertheless, it represents an important building block, particularly in the areas of copyright protection and editing history. Combined with complementary approaches, it represents a decisive step toward greater credibility of visual content.

Why VAARHAFT remains indispensable

Although standards such as C2PA have significantly improved transparency, robust audit tools, in-depth forensic analysis and comprehensive protection mechanisms remain essential – solutions such as those provided by VAARHAFT.

The VAARHAFT Fraud Scanner detects image manipulation or fully AI-generated images , regardless of whether content credentials or other metadata are present. Our analysis is performed directly at the pixel level , where we detect forensic anomalies in the image itself – cryptographically sealed metadata is not required. VAARHAFT uses proprietary deep learning models based on convolutional neural networks (CNNs), which can produce more reliable and significantly more accurate results than simply analyzing the metadata.

However, if the Fraud Scanner detects metadata or C2PA content credentials , it automatically extracts and delivers them with the scan results. This additional information can provide valuable clues about the origin, editing history, and thus the trustworthiness of the image. We therefore evaluate it as additional context, but never let it determine our decision about the authenticity of the image.

VAARHAFT precisely determines the credibility of an image even after compression, transmission, or format conversion – without requiring the original image itself. The solution offers companies that process images from a wide variety of sources on a daily basis a ready-to-use, fast, and reliable authenticity assessment – even in environments where standards like C2PA have not yet been widely adopted.

VAARHAFT also offers SafeCam. SafeCam is a web-based camera app that verifies photos as they are taken . It detects in real time whether a real scene is actually being photographed (picture-from-picture detection) and blocks images that have been manipulated or simply copied from a screen. This means that the authenticity of an image is already verified during the capture itself. SafeCam complements the C2PA approach: While C2PA makes the editing history of an image transparent, SafeCam ensures its original authenticity . Both technologies therefore cover different levels of the same chain of trust. SafeCam prevents manipulation at the source, while C2PA documents it throughout its lifecycle.

Conclusion

The C2PA standard is an important step toward greater transparency: It embeds verifiable metadata in image files, making their origin and editing steps traceable. However, it is clear that this standard alone is not fully capable of addressing the challenges of image manipulation and disinformation – metadata can easily be removed, allowing both authentic and manipulated images to circulate unprotected.

VAARHAFT is ready to close this gap. The Fraud Scanner verifies the authenticity of existing images directly at the pixel level and detects subsequent editing or AI generation regardless of existing content credentials. C2PA-based metadata controls and VAARHAFT's image forensic analyses complement each other by covering different levels of authenticity, thus contributing to greater trustworthiness in the digital image space.

VAARHAFT – Your partner in the fight against fraud and for greater transparency in digital media. Learn more about our solutions and how we can help you ensure the credibility of your image content.

Learn more

Sources:

https://contentauthenticity.org/

https://contentcredentials.org/verify

https://leica-camera.com/de-DE/fotografie/content-credentials

https://help.openai.com/en/articles/8912793-c2pa-in-dall-e-3

https://www.heise.de/news/OpenAI-integriert-eine-Art-Wasserzeichen-in-generierte-Bilder-9622526.html