Frequently asked questions
Clear answers about local-first C2PA verification, trust statuses, page scanning, test certificates and custom workflows.
Does C2PA Signer upload my files?
No. Verification and signing workflows are designed to run locally in the browser. Selected files and signing identities are not uploaded to a C2PA Signer backend.
Does No credentials mean fake?
No. No credentials means no C2PA evidence was detected. It does not mean the content is fake or false. Many legitimate assets do not carry Content Credentials yet.
Can it detect AI-generated images?
No. C2PA Signer can show declared AI or editing actions when Content Credentials are present, but it is not AI detection or fake detection. It reviews provenance and integrity signals.
What statuses does C2PA Signer use?
C2PA Signer uses four statuses consistently: Trusted, Signed but untrusted, Invalid and No credentials. The full report should be used to inspect manifest, signature and certificate-chain details.
What formats are supported?
C2PA Signer is designed around common verification workflows for JPG/JPEG, PNG, PDF and MP4. Actual results depend on whether the file contains supported C2PA data.
Are test certificates publicly trusted?
No. Test certificates are for demos, development and internal validation. Public trust requires a recognized certificate chain from the C2PA trust ecosystem.
Does page scanning run automatically?
Page scanning is intended to run when you request it from the extension. It inspects supported visible media on the current tab and displays C2PA status badges where evidence is available.
Can teams use custom integrations?
Yes. C2PA Signer can support custom workflows for CMS, DAM, internal dashboards, branded extensions and team-specific provenance reports.
Still have questions?
For implementation questions, certificate behavior, enterprise workflows or product support, contact the C2PA Signer team.