Free C2PA Verification Tool

Upload any image to check its C2PA content credentials — author, copyright, AI flags, and manifest validity. No signup. 30 free checks per day.

Check for invisible watermarks and signatures

Upload any image to detect hidden watermarks and verify C2PA content credentials

Drop any image here to inspect it

or browse files · JPEG · PNG · WebP · HEIC · max 100 MB

🔒 Invisible watermark check📋 C2PA signature check

What C2PA verification actually checks

C2PA (Coalition for Content Provenance and Authenticity) is an open technical standard that lets creators cryptographically sign images with a provenance manifest. When you run a C2PA verification on an image, the tool reads that manifest and validates the certificate chain to confirm whether the claimed metadata is trustworthy.

A valid verification result tells you the following data has not been altered since the creator signed the file:

  • Author or creator name
  • Copyright notice and license terms
  • Creator website or identifier
  • AI-generated flag and the tool name used (if applicable)
  • Timestamp of when the manifest was signed
  • Cryptographic certificate chain confirming manifest integrity
  • Edit history (if the signing tool recorded it)

How to read your C2PA verification result

After uploading, you'll see one of three outcomes:

  • Valid credentials The manifest is intact and the certificate chain verifies. The author and provenance data shown can be trusted. This is the expected result for images signed with ForensicMark, Adobe Firefly, or any C2PA-compliant application.
  • Invalid or tampered manifest A manifest exists but the cryptographic check failed. The image may have been modified after signing, the certificate may have expired, or the manifest may have been partially stripped. The provenance claim is not reliable.
  • No content credentials found No C2PA manifest is embedded. This is the most common result — most images circulating online were never signed. It does not mean the image is fake, only that no verified provenance chain exists.

Why C2PA metadata disappears on social media

Instagram, X (Twitter), Facebook, and TikTok all re-encode images on upload. That re-encoding strips file metadata, including the entire C2PA manifest. It's a known limitation of the standard, not a bug in any signing tool.

This is why serious content protection workflows pair C2PA signing with an invisible watermark. The C2PA manifest provides strong cryptographic proof of origin when sharing the original file through trusted channels. The invisible watermark survives re-encoding and screenshots, so provenance tracking continues even after the manifest is stripped.

C2PA verification for EU AI Act compliance

Article 50 of the EU AI Act requires providers of AI systems that generate synthetic content to mark that output in a machine-readable format. C2PA content credentials, including the AI-generated flag field, are a technically recognized approach for satisfying this disclosure requirement.

If you're using AI image generation in a commercial context and need to demonstrate compliance, running C2PA verification on your signed outputs provides an auditable record that the AI disclosure was embedded correctly. Legal teams can use this tool to spot-check credentials before distribution.

Who uses a C2PA verification tool

  • Content creators and agencies checking that their AI-generated images were signed before delivery to clients
  • Journalists and fact-checkers verifying the provenance of images received from sources
  • Legal and compliance teams confirming AI disclosure flags meet EU AI Act or platform policy requirements
  • Developers testing their C2PA signing pipeline before deploying to production
  • Publishers and platforms auditing image submissions for content credential requirements

C2PA vs invisible watermark: which do you need?

They solve different problems. The strongest protection uses both.

Feature C2PA Manifest Invisible Watermark
Survives social media upload No — stripped on re-encode Yes
Survives screenshots No Yes (steganographic)
Cryptographic proof of authorship Yes No (identifier only)
Readable by third-party tools Yes (open standard) Only by signing service
EU AI Act disclosure support Yes Partial
Tracks image after redistribution Only if file intact Yes

Troubleshooting: why isn't my C2PA manifest showing up?

If you signed an image and the verifier shows no credentials, here are the most common causes:

  • The image was uploaded to and re-downloaded from a social platform
  • The file was converted between formats — PNG to JPEG, for example — after signing
  • A screenshot was taken of the signed image rather than saving the original file
  • The signing tool produced a sidecar manifest (a separate .c2pa file) rather than embedding it in the image
  • The file was edited in a non-C2PA-aware tool after signing, which invalidates the manifest

To check whether your signing workflow is working correctly, use the C2PA Sign Tool to sign a test image and verify it here immediately, without any intermediate processing.

Frequently Asked Questions

What is C2PA verification?

C2PA verification reads the cryptographically signed manifest embedded in an image file and confirms whether the claimed author, copyright, and provenance data have not been altered since signing. A valid result means the certificate chain is intact and the manifest data can be trusted.

Why does my image show no content credentials?

Most images on the internet have no C2PA manifest — the standard is still being adopted. If your image was signed and now shows no credentials, it was most likely re-encoded by a platform like Instagram or X, which strips file metadata on upload.

Does C2PA verification work on screenshots?

No. Screenshots create a new image file with no manifest. For provenance tracking that survives screenshots and social media re-uploads, pair your C2PA signing with an invisible watermark.

Is this C2PA checker free?

Yes. You get 30 free C2PA verifications per day with no account required. For bulk verification or API access, request an API key below.

What does an invalid C2PA manifest mean?

An invalid manifest means the cryptographic certificate chain could not be verified. This is usually because the image was modified after signing or the certificate has expired. It doesn't mean the image is fake, but the provenance claim cannot be trusted.

Which image formats does the C2PA verifier support?

JPEG, PNG, WebP, AVIF, HEIF, and TIFF. The C2PA specification also supports MP4 video and PDF, available through the API.

Related Tools

C2PA Sign Tool

Embed content credentials into your image with a signed C2PA manifest

Invisible Watermark

Embed a hidden watermark that survives social media re-uploads and screenshots

Detect Watermark

Check for both invisible watermark and C2PA credentials in one upload

Need more than 30 verifications per day?

Get an API key for unlimited C2PA verification, batch processing, and pipeline integration. Supports JPEG, PNG, WebP, AVIF, MP4, and PDF.

Get API Access

Learn more: What is C2PA? Content credentials explained