Loading...

C2PA

Content Credentials (C2PA)

What is C2PA (in plain language)?

C2PA is a standard for “Content Credentials” — a small set of data that can travel with a file and describe its provenance. In practice, it helps answer: what this file is, when it was created or exported, and what tool or workflow produced it.

It’s not about opinions or judging content. It’s about making the file’s history easier to understand and verify.

What is CAI and why do people mention it?

CAI (Content Authenticity Initiative) is a broader ecosystem that promotes Content Credentials. C2PA is the technical specification that makes those credentials consistent across tools and platforms.

Why this matters (real-world situations)

  • You deliver work to a client and later someone says: “This isn’t what you sent.”
  • You publish content and want to show what version was approved.
  • You handle sensitive files and need an audit-friendly trail.
  • You want to reduce “silent edits” and version confusion.

Content Credentials give you a stable reference point. Instead of debating, you can verify.

How INSAXO (Written in Stone) uses C2PA

INSAXO combines Content Credentials with a proof record that is easy to share and easy to check. When you generate C2PA in INSAXO, we:

  • Create a deterministic proof record for the file (fingerprint + timestamp).
  • Store a credential payload record in an immutable registry.
  • Give you downloads (when available) and a verification link / QR you can share.

The goal is simple: you can show what existed at a point in time and verify whether a later copy matches.

How to use it (recommended workflow)

  • Stamp your file in INSAXO.
  • Generate Content Credentials (C2PA) for that proof.
  • Download the available artifact and keep it with your deliverables.
  • Share the verification link / QR in your handoff, invoice, or project notes.
  • Verify later by checking a file copy against the proof.

FULL vs INTENT — what you will see in INSAXO

INSAXO can generate two types of C2PA outputs:

  • FULL — a signed Content Credential (best for external distribution and formal review).
  • INTENT — an unsigned credential definition. This is the guaranteed fallback when signing is not possible. It still provides a verifiable, timestamped provenance record tied to your proof.

Why signing isn’t always available

A signed credential requires a signing certificate that is accepted by the C2PA policy. These certificates follow strict rules and require maintenance and renewals.

When FULL signing cannot be issued, INSAXO generates INTENT so you are never left without a usable record.

Trust levels — what they mean

Trust level is a quick indicator of how strong the credential is in terms of identity validation. It is designed for non-technical users.

  • GREEN — Signed credential with an accepted identity (strongest).
  • YELLOW — Provenance and integrity are recorded, but signing identity is limited or unsigned.
  • GRAY — Not generated yet.
  • RED — Error; retry or use available records.

What this helps you prove (and what it doesn’t)

  • Helps prove: integrity (unchanged), “what existed”, and a verification trail.
  • Does not automatically prove: legal authorship or ownership rights by itself.

Where to verify

You can verify a file copy against your proof record at any time using the verification checker.

Open the Verification Checker