How Pixel and Android are bringing a brand new stage of belief to your photos with C2PA Content material Credentials

At Made by Google 2025, we introduced that the brand new Google Pixel 10 telephones will help C2PA Content material Credentials in Pixel Digicam and Google Photographs. This announcement represents a sequence of steps in the direction of higher digital media transparency:

• The Pixel 10 lineup is the primary to have Content material Credentials in-built throughout each picture created by Pixel Digicam.
• The Pixel Digicam app achieved Assurance Degree 2, the best safety score at present outlined by the C2PA Conformance Program. Assurance Degree 2 for a cell app is at present solely attainable on the Android platform.
• A personal-by-design method to C2PA certificates administration, the place no picture or group of photos will be associated to 1 one other or the one who created them.
• Pixel 10 telephones help on-device trusted time-stamps, which ensures photos captured along with your native digicam app will be trusted after the certificates expires, even when they have been captured when your system was offline.

These capabilities are powered by Google Tensor G5, Titan M2 safety chip, the superior hardware-backed safety features of the Android platform, and Pixel engineering experience.

On this publish, we’ll break down our architectural blueprint for bringing a brand new stage of belief to digital media, and the way builders can apply this mannequin to their very own apps on Android.

A New Method to Content material Credentials

Generative AI will help us all to be extra inventive, productive, and modern. However it may be arduous to inform the distinction between content material that’s been AI-generated, and content material created with out AI. The flexibility to confirm the supply and historical past—or provenance—of digital content material is extra necessary than ever.

Content material Credentials convey a wealthy set of details about how media resembling photos, movies, or audio information have been made, protected by the identical digital signature expertise that has secured on-line transactions and cell apps for many years. It empowers customers to establish AI-generated (or altered) content material, serving to to foster transparency and belief in generative AI. It may be complemented by watermarking applied sciences resembling SynthID.

Content material Credentials are an trade customary backed by a broad coalition of main corporations for securely conveying the origin and historical past of media information. The usual is developed by the Coalition for Content material Provenance and Authenticity (C2PA), of which Google is a steering committee member.

The normal method to classifying digital picture content material has targeted on categorizing content material as “AI” vs. “not AI”. This has been the premise for a lot of legislative efforts, which have required the labeling of artificial media. This conventional method has drawbacks, as described in Chapter 5 of this seminal report by Google. Analysis reveals that if solely artificial content material is labeled as “AI”, then customers falsely imagine unlabeled content material is “not AI”, a phenomenon known as “the implied reality impact”. This is the reason Google is taking a special method to making use of C2PA Content material Credentials.

As a substitute of categorizing digital content material right into a simplistic “AI” vs. “not AI”, Pixel 10 takes the primary steps towards implementing our imaginative and prescient of categorizing digital content material as both i) media that comes with verifiable proof of the way it was made or ii) media that does not.

• Pixel Digicam attaches Content material Credentials to any JPEG picture seize, with the suitable description as outlined by the Content material Credentials specification for every seize mode.
• Google Photographs attaches Content material Credentials to JPEG photos that have already got Content material Credentials and are edited utilizing AI or non-AI instruments, and likewise to any photos which are edited utilizing AI instruments. It should validate and show Content material Credentials below a brand new part within the About panel, if the JPEG picture being seen accommodates this information. Be taught extra about it in Google Photographs Assist.

Given the broad vary of eventualities through which Content material Credentials are connected by these apps, we designed our C2PA implementation structure from the onset to be:

1. Safe from silicon to purposes
2. Verifiable, not personally identifiable
3. Useable offline

Safe from Silicon to Purposes

Good actors within the C2PA ecosystem are motivated to make sure that provenance information is reliable. C2PA Certification Authorities (CAs), resembling Google, are incentivized to solely situation certificates to real cases of apps from trusted builders so as to stop unhealthy actors from undermining the system. Equally, app builders need to defend their C2PA declare signing keys from unauthorized use. And naturally, customers need assurance that the media information they depend on come from the place they declare. For these causes, the C2PA outlined the Conformance Program.

The Pixel Digicam software on the Pixel 10 lineup has achieved Assurance Degree 2, the best safety score at present outlined by the C2PA Conformance Program. This was made attainable by a robust set of hardware-backed applied sciences, together with Tensor G5 and the licensed Titan M2 safety chip, together with Android’s hardware-backed safety APIs. Solely cell apps operating on gadgets which have the required silicon options and Android APIs will be designed to attain this assurance stage. We’re working with C2PA to assist outline future assurance ranges that may push protections even deeper into {hardware}.

Reaching Assurance Degree 2 requires verifiable, difficult-to-forge proof. Google has constructed an end-to-end system on Pixel 10 gadgets that verifies a number of key attributes. Nevertheless, the safety of any declare is essentially depending on the integrity of the appliance and the OS, an integrity that depends on each being saved present with the newest safety patches.

• {Hardware} Belief: Android Key Attestation in Pixel 10 is constructed on help for Machine Identifier Composition Engine (DICE) by Tensor, and Distant Key Provisioning (RKP) to ascertain a belief chain from the second the system begins as much as the OS, stamping out the commonest types of abuse on Android.
• Real Machine and Software program: Aided by the {hardware} belief described above, Android Key Attestation permits Google C2PA Certification Authorities (CAs) to confirm that they’re speaking with a real bodily system. It additionally permits them to confirm the system has booted securely right into a Play Defend Licensed model of Android, and confirm how just lately the working system, bootloader, and system software program and firmware have been patched for safety vulnerabilities.
• Real Utility: {Hardware}-backed Android Key Attestation certificates embody the bundle identify and signing certificates related to the app that requested the technology of the C2PA signing key, permitting Google C2PA CAs to verify that the app requesting C2PA declare signing certificates is a trusted, registered app.
• Tamper-Resistant Key Storage: On Pixel, C2PA declare signing keys are generated and saved utilizing Android StrongBox within the Titan M2 safety chip. Titan M2 is Frequent Standards PP.0084 AVA_VAN.5 licensed, that means that it’s strongly proof against extracting or tampering with the cryptographic keys saved in it. Android Key Attestation permits Google C2PA CAs to confirm that personal keys have been certainly created inside this hardware-protected vault earlier than issuing certificates for his or her public key counterparts.

The C2PA Conformance Program requires verifiable artifacts backed by a {hardware} Root of Belief, which Android gives via options like Key Attestation. This implies Android builders can leverage these identical instruments to construct apps that meet this customary for his or her customers.

Privateness Constructed on a Basis of Belief: Verifiable, Not Personally Identifiable

The sturdy safety stack we described is the muse of privateness. However Google takes steps additional to make sure your privateness at the same time as you utilize Content material Credentials, which required fixing two extra challenges:

Problem 1: Server-side Processing of Certificates Requests. Google’s C2PA Certification Authorities should certify new cryptographic keys generated on-device. To forestall fraud, these certificates enrollment requests must be authenticated. A extra widespread method would require consumer accounts for authentication, however this might create a server-side report linking a consumer’s id to their C2PA certificates—a privateness trade-off we have been unwilling to make.

Our Answer: Nameless, {Hardware}-Backed Attestation. We resolve this with Android Key Attestation, which permits Google CAs to confirm what’s getting used (a real app on a safe system) with out ever figuring out who’s utilizing it (the consumer). Our CAs additionally implement a strict no-logging coverage for data like IP addresses that would tie a certificates again to a consumer.

Problem 2: The Threat of Traceability By way of Key Reuse. A big privateness threat in any provenance system is traceability. If the identical system or app-specific cryptographic secret is used to signal a number of pictures, these photos will be linked by evaluating the important thing. An adversary might probably join a photograph somebody posts publicly below their actual identify with a photograph they publish anonymously, deanonymizing the creator.

Our Answer: Distinctive Certificates. We eradicate this risk with a maximally personal method. Every key and certificates is used to signal precisely one picture. No two photos ever share the identical public key, a “One-and-Accomplished” Certificates Administration Technique, making it cryptographically inconceivable to hyperlink them. This engineering funding in consumer privateness is designed to set a transparent customary for the trade.

Total, you should utilize Content material Credentials on Pixel 10 with out concern that one other particular person or Google might use it to hyperlink any of your photos to you or each other.

Able to Use When You Are – Even Offline

Implementations of Content material Credentials use trusted time-stamps to make sure the credentials will be validated even after the certificates used to provide them expires. Acquiring these trusted time-stamps usually requires connectivity to a Time-Stamping Authority (TSA) server. However what occurs if the system is offline?

This isn’t a far-fetched situation. Think about you’ve captured a surprising picture of a distant waterfall. The picture has Content material Credentials that show that it was captured by a digicam, however the cryptographic certificates used to provide them will ultimately expire. And not using a time-stamp, that proof might grow to be untrusted, and also you’re too removed from a cell sign, which is required to obtain one.

To resolve this, Pixel developed an on-device, offline TSA.

Powered by the safety features of Tensor, Pixel maintains a trusted clock in a safe atmosphere, fully remoted from the user-controlled one in Android. The clock is synchronized commonly from a trusted supply whereas the system is on-line, and is maintained even after the system goes offline (so long as the cellphone stays powered on). This enables your system to generate its personal cryptographically-signed time-stamps the second you press the shutter—no connection required. It ensures the story behind your picture stays verifiable and trusted after its certificates expires, whether or not you took it in your front room or on the prime of a mountain.

Constructing a Extra Reliable Ecosystem, Collectively

C2PA Content material Credentials will not be the only real answer for figuring out the provenance of digital media. They’re, nevertheless, a tangible step towards extra media transparency and belief as we proceed to unlock extra human creativity with AI.

In our preliminary implementation of Content material Credentials on the Android platform and Pixel 10 lineup, we prioritized a better customary of privateness, safety, and value. We invite different implementers of Content material Credentials to judge our method and leverage these identical foundational {hardware} and software program safety primitives. The complete potential of those applied sciences can solely be realized via widespread ecosystem adoption.

We sit up for including Content material Credentials throughout extra Google merchandise within the close to future.