C2PA 2.1 - Strengthening Content Credentials with Digital Watermarks

A powerful combination to protect content creators and consumers in an era of generative artificial intelligence

Content Credentials, sometimes referred to as the nutritional facts of online assets, is an open technology to help fact check what we see online. Content Credentials are implemented via the Coalition for Content Provenance and Authenticity (C2PA) standard. With the release of the next generation of the C2PA standard, C2PA 2.1, Content Credentials are now strengthened with digital watermarks – creating a durable link between a digital asset and its provenance information. Digimarc is at the forefront of these developments, as a co-chair of the C2PA watermarking task force and launching the industry first standard implementation of content credentials recovery based on watermarks.  

C2PA: a timely standard 

With the rise of generative artificial intelligence (GenAI), and the resulting heightened risk of media manipulation, content consumers are wondering what can and cannot be trusted online. Re-establishing trust in digital content in the age of GenAI is a timely topic. We are working to solve this challenge in the U.S. and beyond and collaborating with strategic technology partners like DataTrails.  We are also active on the standardization front. The C2PA standard is designed to tackle the issue of trust by tracking the origin and history of online assets via Content Credentials. This technology allows content creators to add provenance data to original digital assets in a standardized manner via cryptographically signed metadata attached to assets called C2PA manifests. C2PA manifests are attached to digital assets via the tools and workflows content creators typically use. Provenance information about content is then delivered to content consumers like you and me with a simple click, answering questions such as: How it was made? Who created it? Is it AI-generated? When was it created? How was it edited? 

C2PA 2.1 & Digital Watermarks 

C2PA is about to hit another milestone, with the release of C2PA 2.1. This version of the standard incorporates digital watermark-based recovery of Content Credentials. Digimarc’s digital watermarks are identified as a supported technology.  

Why is this important? C2PA manifests are added as metadata to an asset versus being embedded into the asset itself. As a result, the metadata can easily be stripped from a digital asset by a malicious actor using a simple online tool. Pertinent to content creators and consumers, many tools and platforms in the market today automatically strip metadata from digital assets. Uploading an image to a social network, sending a video via an instant messaging app, editing an image with a mobile phone app – all these common workflows lead to the frequent loss of digital asset manifests. This is where digital watermarks can help. Digital watermarks create a more persistent link between the asset and its manifest. An imperceptible digital watermark embedded in an image, video or audio track references the manifest and helps recover it should the manifest become detached.   

A year ago we demonstrated how C2PA could benefit from the inclusion of digital watermarks. Since then, we have co-chaired the C2PA watermarking task force with Adobe to standardize the use of digital watermarking technology. C2PA 2.1 brings the efforts of this task force to the public. There is now a standard way of integrating digital watermarking technologies including using digital watermarks to recover Content Credentials. This is achieved via 3 building blocks focused on allowing different watermarking vendors and technologies to compete while maintaining interoperability for implementors.  

1. First, there is now a standard way of specifying that a digital watermark was added to an asset (C2PA Watermarked Action) but also of specifying details about this digital watermark (C2PA Soft Binding Assertion) such as the algorithm that was used.  
2. The second building block is an authoritative list providing details about the supported digital watermarking technologies. 
3. Third, a Web API (Soft Binding Resolution API) provides a standard way of retrieving C2PA manifests. By implementing this specification, digital watermarking technology vendors provide clients such as a web browser or a mobile app with a standardized way of retrieving Content Credentials that would have been removed (or swapped) from a digital asset. It is worth noting that this specification also supports recovery based on alternatives to digital watermarking such as content fingerprinting.  

These three building blocks power a mix of use cases, but the most important use case is the recovery of manifests. For instance, let’s imagine John is a reporter and publishes an image or video on X. X, just like many other tools or platforms, strips metadata and hence the C2PA manifest is lost. Jane is an X user and wants to know if this image is legitimate, but unfortunately, it no longer includes a manifest. Thanks to the C2PA 2.1 specification, tools such as web browsers now have a standard way to check for a digital watermark in an asset and a way of retrieving detached manifests. Jane is reassured! 

C2PA 2.1 at Digimarc  

We are thrilled to announce that we are building this manifest recovery flow on top of Digimarc Validate, our Digital Assets protection product, making it the industry's first implementation of the new standard. By combining our leading digital watermark technology with C2PA 2.1, content credentials can now survive publication to websites and social media platforms, but also resist common modifications such as cropping, rotation, resizing, etc. This means our customers can fight back against theft, inclusion in AI models, unauthorized repurposing, and misappropriation. It also means media consumers like you and I will have a durable way to learn about the provenance of the media they consume. All of this in a standard way.  

 
We look forward to working with content creators, device manufacturers, and creative tool providers to deploy this technology. Contact us if you’d like to learn more and watch the video below to see more details about this integration.