Frequently Asked Questions
Common questions about Content Credentials, C2PA, and RealConfirmation.
What does it mean if a file has no Content Credentials?
It simply means the file doesn't contain C2PA metadata. This is completely normal β the vast majority of images and videos today don't have credentials yet. It doesn't mean the content is fake or manipulated; it just means there's no provenance data to verify.
Can Content Credentials be faked?
Content Credentials use cryptographic signatures, similar to how HTTPS protects websites. Forging a signature would require compromising a certificate authority's private keys, which is extremely difficult. However, someone could strip credentials from a file by taking a screenshot or re-encoding it. The absence of credentials is not proof of manipulation.
Does RealConfirmation store my files?
No. All verification happens in your browser using WebAssembly. Your files are never uploaded to our servers. We only store the verification result (status, metadata, signer info) so you can share it via a link β never the original file.
What file formats are supported?
RealConfirmation supports JPEG, PNG, WebP, TIFF, and MP4 files. These are the formats currently supported by the C2PA standard. More formats may be added as the standard evolves.
How does AI labeling work with C2PA?
When AI tools like OpenAI's DALL-E or Microsoft Designer generate an image, they attach Content Credentials that include a 'digital source type' field marking the content as AI-generated (trainedAlgorithmicMedia). RealConfirmation detects this and shows an AI-generated content notice.
What's the difference between 'Verified' and 'Valid, Untrusted Signer'?
Both mean the cryptographic signature is intact β the content hasn't been tampered with. The difference is trust: 'Verified' means the signer's certificate is in the standard trust list (like Adobe or Sony). 'Valid, Untrusted Signer' means the signer is not yet in the trust list, which is common for newer participants like OpenAI. It's similar to how a website can have a valid SSL certificate from a less-known authority.
How can I add Content Credentials to my own content?
If you use a C2PA-enabled device (like a Google Pixel, Sony Alpha, or Leica M11-P), credentials are added automatically. For software, Adobe Photoshop and Lightroom can attach Content Credentials when you export. For developers, the open-source C2PA tool (c2patool) lets you sign files programmatically.
Is RealConfirmation free to use?
Yes. Individual file verification on our website is free. We plan to offer an API for businesses and developers who need to verify content at scale.
Still have questions?
Learn more about the C2PA standard from the official documentation.