The phrase “pics or it didn’t happen” has lost its credibility. As AI-generated content becomes more prevalent, distinguishing between real and fake has never been more challenging. This presents a significant problem: How can anyone be sure that what they see online is genuine and untampered? Many companies have focused on investing in technologies that only detect and flag falsified images, but now there’s a more proactive way to ensure a visual’s authenticity right from the start.
Cloudinary’s image and video API platform now supports adding signed provenance metadata in compliance with the Coalition for Content Provenance and Authenticity (C2PA) and its Content Credentials specification, a standard for embedding secure, tamper-evident metadata in media files. Cloudinary is working to implement the standard with select enterprise customers including Dow Jones.
In a recent press release on the topic, Clarence Kwei, SVP of Consumer Technology at Dow Jones, said, “Authentic storytelling through digital content provenance is paramount — now more than ever. Determined in our dedication to protect the credibility and quality of our news and visual content, we are pleased to be working with leading visual media technology vendors like Cloudinary to help create a more transparent digital ecosystem and protect viewers against manipulated and deceptive online media.”
This approach uses public-key cryptography, ensuring that each party in the content’s history can be verified and that the media has not been altered since the last verification. Instead of offering a binary trust signal, the C2PA manifest provides detailed assertions about the media, allowing users to make informed judgments based on the credibility of each party in the chain.
Cloudinary has been a pioneer in image and video management since its inception in 2012. With a strong focus on leveraging AI to enhance digital experiences, the company has consistently prioritized trust and transparency. In 2020, Cloudinary joined the Content Authenticity Initiative (CAI), and by 2023, began implementing the C2PA’s Content Credentials specification.
By managing and optimizing images and videos for delivery, Cloudinary ensures that transformed assets retain their Content Credentials throughout every stage of media handling:
- Cameras. Brands like Leica are embedding provenance metadata at the point of capture.
- Editing software. Tools like Photoshop and Lightroom incorporate these C2PA standards to maintain integrity during editing.
- Delivery platforms. Organizations such as the BBC are ensuring that the content they distribute retains its provenance metadata.
Cloudinary’s initial C2PA implementation focuses on preserving existing credentials and specifying whether transformations altered the pixels or merely optimized them for delivery — with the end goal of ensuring accurate, authentic visuals reach consumers. “C2PA is advancing shared standards to deliver more transparency in the world of AI-generated images and videos,” said Tal Lev-Ami, CTO at Cloudinary. “This work is a vital part of building trust in the authenticity of the images and videos people consume online and we look forward to supporting the coalition’s efforts.”
For customers who have opted-in to our beta program, delivering an image with Content Credentials is as simple as adding an fl_c2pa
transformation parameter to a URL:
With this flag enabled, Cloudinary will validate and preserve any existing Content Credentials in the asset, and add its own assertion, stating whether the asset was simply optimized for delivery, or whether it was altered more substantially, in a way that might change its meaning. The asset can then be inspected using tools like Verify in order to see the asset’s provable provenance.
Cloudinary’s implementation of the C2PA standard is just the beginning. The company is eager to expand its capabilities and is seeking design partners to explore new use cases and provide feedback. If you’re interested in adopting this feature and combating fake visuals, contact Cloudinary to participate in the beta program.