Open Menu
Multimedia content authenticity and provenance

Multimedia content authenticity and provenance

User Name

Written by

Pilar Armas

March 17, 2026

These days, new tools are constantly blurring the lines between reality and fiction. That’s why at Fluendo we have started working on a new project dedicated to digital content provenance. Our goal is to give creators and viewers a reliable way to verify that what they’re watching is the real thing.

But first, what is digital content provenance?

Simply put, digital provenance refers to the verifiable history of a piece of digital content. It acts as a secure “chain of custody” that captures the who, what, when, and how of an asset’s creation and any subsequent edits.

In a world flooded with synthetic media and generative AI, this ability to verify the source of what we see is essential. Digital provenance provides the technical “receipt” needed to distinguish between an original capture and a manipulated deepfake, restoring trust in the digital ecosystem.

Digital provenance and how to address it

The digital ecosystem is facing a severe confidence crisis. As advanced generative AI tools become increasingly accessible, the boundary between what is real and what is not is rapidly blurring. While these tools empower creators, they also make it dangerously easy to spread deepfakes and manipulated media, eroding public trust. The solution lies in digital provenance. Simply put, provenance refers to the verifiable history of a piece of digital content, capturing the who, what, when, and how of its creation. In a world flooded with synthetic media, this ability to verify the source of what we see is essential. To address this, the Coalition for Content Provenance and Authenticity (C2PA) was formed. The C2PA is a comprehensive ecosystem that encompasses the entire content lifecycle, from hardware capture through software creation to distribution platforms, including industry heavyweights.

The technical specification: Content Credentials

The C2PA has created an open, technical standard for establishing the origin and history of digital assets, enabling publishers, creators, and consumers to trace the origin and evolution of digital content pieces. This standard, often referred to as “Content Credentials,” provides a tamper-evident record of an asset’s lifecycle from creation to consumption.

At the heart of the standard is the C2PA Manifest, a collection of data that describes the history of a digital content piece. The Manifest can be embedded within the file (e.g., inside a JPEG or MP4) or stored externally (e.g., in a cloud repository). To ensure security, the standard utilizes two types of “binding”:

  • Hard Binding: The C2PA Manifest is cryptographically linked to the content it refers to. This process relies on Public Key Infrastructure (PKI) to prevent malicious actors from reattaching genuine data to fraudulent assets.

  • Soft Binding: Since social media platforms often strip metadata to save load time, soft binding uses techniques such as watermarking or fingerprinting. This allows the digital asset to remain linked to a cloud-stored manifest even if the file is compressed.

The C2PA specification is currently on a “fast track” to become an ISO standard (ISO 22144).

Live streaming, a gap to be addressed

Several initiatives have been established to address digital video provenance. ONVIF®, the leading global standardization initiative for IP-based physical security products, has entered into a strategic collaboration with the C2PA to combat content manipulation. ONVIF utilizes a standard named MediaSigned content based on SEI messages, similar to the ISO standard for Digitally Signed Content (DSC) defined within VVC and ITU-T H.274. However, live video presents unique challenges. Unlike pre-recorded media, live streams require dynamic processing and real-time signing without compromising performance. These capabilities are not yet formally supported by current C2PA technical specifications. To address this gap, the C2PA has announced a new task force dedicated to defining the technical requirements for live streaming.

Fluendo aims to explore secure live streaming architectures by combining C2PA with:

  • H.264/H.265 using Digitally Signed Content (DSC)
  • H.264/H.265 using ONVIF MediaSigning
  • CMAF delivery
C2PA image

These capabilities will be implemented in GStreamer, continuing Fluendo’s collaboration with the community that spans more than two decades.

Conclusion

The C2PA is the most advanced global initiative dedicated to improving digital trust. For Fluendo, it opens new opportunities to extend digital provenance standards to real-time media. We will leverage the C2PA framework to create solutions that don’t just deliver content, but also verify its authenticity.