Content Authenticity

Prove your content is real, and that it came from you

Explore solutions Talk to an expert

New: C2PA Free Tier

Since May 2026, SSL offers a free tier for C2PA platform certificates: one Level 1 C2PA Claim Signing Certificate (valid 1 year) plus 10,000 trusted timestamps per year for long-term validation, issued via the SSL portal.
Apply Now

The authenticity crisis in digital media requires a technical solution

The proliferation of generative AI has made it trivially easy to create convincing synthetic images, audio, and video. Simultaneously, legitimate content is routinely cropped, decontextualized, and re-shared without attribution. News organizations, regulators, platforms, and audiences are demanding technical mechanisms, not just policies, to establish the provenance of digital content.

The C2PA (Coalition for Content Provenance and Authenticity) standard, developed by Adobe, Microsoft, Google, BBC, Reuters, and others, provides that mechanism.

The three components of the content authenticity stack

C2PA Certificates

For signing content with cryptographic provenance assertions under the C2PA standard

Explore C2PA Certificates

CAWG Certificates

For embedding verified organizational or individual identity into C2PA content credentials under the Content Authenticity Working Group standard

Explore CAWG Certificates

Time Stamping Authority (TSA)

RFC 3161-compliant trusted timestamps that keep a C2PA claim signature valid indefinitely, even after the signing certificate expires or is revoked

Explore Time Stamping Authority
📄 For full details on our Content Credential certificate products: including C2PA Certificates and CAWG Certificates. Visit the Content Credentials product group page. That page covers individual product specs, use cases, compliance details, and purchase options for each certificate type.

Which certificate do you need?

Answer two quick questions and we'll recommend the right certificate, or combination, for your use case.

1, What do you primarily need to prove about your content?

2, What best describes your situation?

C2PA Certificate, start here

A C2PA Certificate signs the content manifest, proving your content is authentic, unaltered, and establishing a tamper-evident chain of custody from creation to distribution. It also lets you disclose AI involvement in a standardized, machine-readable format. You don't need verified identity attribution in the credential itself, provenance and tamper detection are what matter.

Highly recommended: add a trusted timestamp from SSL.com’s Time Stamping Authority (TSA) so your C2PA signature stays valid for the long term, even after the signing certificate expires.

Provenance signing Tamper detection AI disclosure C2PA standard TSA highly recommended
Get C2PA Certificate Add Time Stamping (TSA)

CAWG Certificate, and a C2PA Certificate

A CAWG Certificate embeds your verified organizational or personal name directly inside the C2PA manifest, so viewers see who created the content, with identity confirmed by SSL as a trusted CA. CAWG assertions are embedded inside C2PA-signed manifests, so you'll need a C2PA Certificate as the foundational component too.

Highly recommended: add a trusted timestamp from SSL.com’s Time Stamping Authority (TSA) so your C2PA signature stays valid for the long term, even after the signing certificate expires.

Verified identity in credential CAWG standard C2PA required TSA highly recommended
Get CAWG Certificate See C2PA Certificate Add Time Stamping (TSA)

Both, C2PA Certificate + CAWG Certificate

For the complete content authenticity stack: a C2PA Certificate signs and protects the manifest (provenance, edit history, AI disclosure), and a CAWG Certificate embeds your verified organizational or personal name inside that signed manifest. Together they answer "Is this credential authentic?" and "Who made this, and can that be verified?"

Highly recommended: add a trusted timestamp from SSL.com’s Time Stamping Authority (TSA) so your C2PA signature stays valid for the long term, even after the signing certificate expires.

Full content trust stack Provenance + tamper detection Verified identity AI disclosure TSA highly recommended
Explore both certificates Add Time Stamping (TSA)

Who needs content credentials?

News organizations & wire services

Sign photographs, video, and articles at the point of creation. Downstream publishers and platforms can verify provenance and detect manipulation.

Publishers deploying AI-assisted content

Embed C2PA provenance disclosing AI involvement at creation, meeting EU AI Act and platform disclosure requirements.

Broadcasters & documentary filmmakers

Establish chain-of-custody provenance for footage from capture to broadcast.

Content platforms & social networks

Verify and display content credentials from C2PA-supporting creators and publishers.

Conformant products & startups

Apply for the C2PA Free Tier to add Content Credentials at no cost, with a valid conformance record, while you scale toward Premium.

Compliance & standards

C2PA (Coalition for Content Provenance and Authenticity)

SSL issues C2PA certificates: the open technical standard for content provenance, supported by Adobe, Google, Microsoft, BBC, Reuters, and others

CAWG (Content Authenticity Working Group)

SSL issues CAWG Certificates: the standard for embedding verified identity into C2PA credentials

EU AI Act

Requires labeling and disclosure of AI-generated content: C2PA credentials provide the technical mechanism

CAI (Content Authenticity Initiative)

Industry coalition promoting content credentials adoption: C2PA is the technical standard it champions

C2PA Trust List

As of 1 January 2026, the C2PA Trust List (containing the roots of trusted CAs such as SSL.com) replaced the former Interim Trust List for validating Content Credentials.

Why SSL

Authorized C2PA certificate issuer

SSL issues C2PA certificates and CAWG Certificates: part of the ecosystem including Adobe, Google, Microsoft, BBC, Reuters.

WebTrust for CA (BDO)

Audited annually by BDO: the standard CA trust anchor for enterprise procurement.

CA/B Forum compliance

All certificates issued under CA/B Forum requirements.

In operation since 2002

Established PKI infrastructure with over two decades of operation.

Start authenticating your content today

Talk to a content authenticity expert about C2PA certificates and CAWG Certificates.
Talk to a content authenticity expert

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance