Content Credentials

Cryptographically prove your content is real, and that it came from you

Content Credentials use the C2PA standard and CAWG Certificates to embed tamper-evident provenance information directly into media files, photos, videos, audio, and documents. Two certificate types work together: C2PA Certificates sign the content credential itself, and CAWG Certificates bind your verified organizational or personal identity to that credential.

Explore certificates Talk to an expert

C2PA and CAWG: the open standards for content authenticity

C2PA (Coalition for Content Provenance and Authenticity) is the technical standard for attaching cryptographically signed provenance information to media content. A C2PA manifest travels with the content file and records: who created it, when, with what tool, and whether it’s been modified since, all protected by a digital signature.

CAWG (Content Authenticity Working Group) extends C2PA with a specific mechanism for embedding verified organizational or individual identity, going beyond software tool attribution to assert who (as a legal entity) stands behind the content. Both standards are backed by Adobe, Google, Microsoft, Intel, BBC, Reuters, the New York Times, and many others.

C2PA Certificate

Signs the C2PA content manifest, proves the credential hasn't been tampered with since it was attached

Ā 

Learn more

CAWG Certificate

Embeds verified organizational or individual identity into the C2PA manifest, proves the named entity created or endorses the content

Learn more

C2PA Certificate vs CAWG Certificate

Feature C2PA Certificate CAWG Certificate
What it does Signs the content credential (C2PA manifest) attached to a media file Embeds verified identity (org or individual name) into the C2PA manifest
Who validates SSL validates domain or organization ownership SSL validates organizational or individual identity
Identity in credential Organization or domain identifier Verified org name or individual name
Use together? ? Yes, C2PA cert signs the manifest; CAWG assertion adds identity ? Yes, CAWG assertion is embedded inside a C2PA-signed manifest
Best for Any organization needing signed content credentials Organizations or individuals wanting verified identity attribution in content
C2PA Certificate ? CAWG Certificate ?

A complete content credential

Media file (photo / video / audio / document)
└── C2PA Manifest (signed by C2PA Certificate)
    ├── Creation metadata (tool, timestamp, location)
    ├── Edit history (what was changed, when)
    ├── CAWG Certificate (verified creator/org identity)
    └── AI disclosure (if AI-assisted or generated)

A viewer or platform that supports C2PA (Adobe Photoshop, Leica cameras, the Content Credentials verify tool, and growing platform support) can inspect this manifest: seeing a verified chain of custody from creation through any edits, with the creating organization’s identity confirmed by SSL.

Who needs content credentials?

News agencies & wire services

Sign photographs and video at point of capture: downstream publishers and platforms can verify provenance.

Broadcasters & publishers

Authenticate editorial content, distinguish human-created from AI-assisted content.

Individual journalists & photographers

Assert verified personal attribution: protect work from decontextualized re-sharing.

Brands & advertisers

Prove campaign creative is genuine, unaltered, and from the authorized brand.

AI content platforms

Disclose AI generation in a standardized, machine-readable way that complies with emerging regulations.

Camera manufacturers & capture tools

Embed C2PA credentials at the device level: provenance from the moment of capture.

Why SSL

Authorized C2PA certificate issuer

SSL is an authorized CA for C2PA certificate issuance, recognized by the C2PA specification.

CAWG Certificate issuer

SSL.com issues CAWG Identity Assertion certificates under the Content Authenticity Working Group specification: one of a limited set of CAs authorized for the standard that layers verified identity onto C2PA content credentials.

CAI / C2PA ecosystem member

SSL.com is an active participant in the Content Authenticity Initiative (CAI) and C2PA working group: the standards bodies defining content provenance protocols used by Adobe, Microsoft, BBC, Reuters, Leica, and Sony.

WebTrust audited (BDO)

Annual BDO audits cover CA operations, Baseline Requirements SSL, and Network Security: the standard CA trust anchor expected by enterprise procurement, legal teams, and editorial integrity programs.

In operation since 2002

Over two decades of continuous public CA operations since 2002: proven infrastructure serving enterprises, governments, and content publishers through every major trust evolution.

Frequently asked questions

Content Credentials are cryptographically signed metadata attached to an image, video, or document that prove its provenance: who created it, when, with what tools, and whether it has been altered since. They address the core problem of digital content trust in an era of AI-generated and easily manipulated media, giving audiences a verifiable way to distinguish authentic content from fakes.
C2PA (Coalition for Content Provenance and Authenticity) is the technical standard that defines how provenance metadata is cryptographically signed and embedded into media files: the plumbing of Content Credentials. CAWG (Creator Assertions Working Group) extends C2PA by defining how creators can make verifiable identity claims within the provenance chain, binding a specific author's identity to the content. You typically need a C2PA certificate to sign the overall manifest, and a CAWG certificate to embed a verified creator identity inside it.
Adobe Photoshop, Lightroom, and Firefly embed C2PA Content Credentials natively. Microsoft Bing Image Creator, OpenAI's DALL·E, and Google's SynthID use compatible provenance approaches. Leica M11-P and Sony Alpha-1 Mark II cameras can capture with embedded Content Credentials at the hardware level. Major news organizations including the BBC, Reuters, Associated Press, and The New York Times are integrating Content Credentials into their editorial workflows.
News organizations authenticating editorial content, broadcasters and publishers disclosing AI involvement, photographers and videographers protecting their work with verifiable attribution, brands authenticating campaign creative, AI content platforms disclosing generation provenance, and camera and capture tool manufacturers embedding provenance at the hardware level. Anyone whose audience needs to verify the origin and integrity of digital content benefits.
Yes. SSL.com issues both C2PA certificates (for signing the provenance manifest) and CAWG certificates (for embedded creator identity assertions) under its publicly trusted PKI, and is an active participant in the Content Authenticity Initiative (CAI) and the C2PA Working Group that defines these standards.

Start authenticating your content today

Talk to a content authenticity expert about C2PA certificates and CAWG Certificates.
Talk to a content authenticity expert

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read ourĀ Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance