It's a good start, but an end-to-end workflow requires more: Cameras or smartphones to generate signed images, support for Content Credentials in a wide variety of image-editing software, and the ability to view authenticated metadata on social media and websites. The Cloudflare changes allow its Images service to add actions to the Content Credential manifest and re-authenticate using the company's credentials, Will Allen, head of privacy and media products at Cloudflare, wrote in a blog post describing the feature. Still, some islands of functionality have appeared: Images from OpenAI's DALL-e and Adobe's Firefly are labeled with Content Credentials tagging them as AI-generated, while end-to-end services, such as Truepic, use the technology in its platform to digitally sign and authenticate images. The effort to establish digitally verifiable images, video, and other content using signed metadata known as Content Credentials promises an internet where users can easily determine the source of media and whether it is authentic. As a founder of the content-authenticity movement, Adobe has extensive support for Content Credentials in its own products — such as a beta feature in Photoshop and tagging images generated with its generative AI service, Adobe Firefly. Truepic, for example, essentially created its own end-to-end authenticated image service based on Content Credentials, allowing companies to know the provenance of images. At this year's Consumer Electronics Show in January, Samsung announced its upcoming Galaxy S25 mobile phone will support Content Credentials, but only to label images that have been edited by AI. In the last year, major camera makers — Canon, FujiFilm, Leica, Nikon, and Sony — announced support for the Content Credentials standard, but only a few models with the capability have hit the market. The brainchild of the Coalition for Content Provenance and Authenticity (C2PA), Content Credentials allow the signing of a metadata audit trail — a manifest — that accompanies images and other media. "It is crucial to ensure that Content Credentials are enabled on all devices throughout the entire workflow—from capture to editing to sharing," says Nico Köhler, head of product experiences for Leica Camera AG. While different manufacturers are releasing specific implementations of Content Credentials, creating an end-to-end workflow for images — from creation to editing to distribution to end users — continues to be a challenge. In early February, for example, Cloudflare tackled one small part of a typical workflow, the content delivery network, announcing that its CDN service would preserve image credentials, even through automated compression and image resizing. "This requires that all tools and platforms involved in the process support Content Credentials. Closed end-to-end ecosystems that incorporate the Content Credentials specification show the potential of the digital authentication feature. Content Credentials show each of those steps as part of an audit log, which provides people with information about whether the content they are viewing is real or has been somehow modified. Meanwhile, computer-based editing software that supports Content Credentials is mainly limited to Adobe's products. Because smartphones do not yet have the Content Credential technology embedded in the device, Truepic requires its app be used to take photos and video.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 20 Feb 2025 05:55:13 +0000