Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowing users to verify whether images are real or AI-generated, or edited. The company announced the integration of the new feature during the Made by Google […] Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowing users to verify whether images are real or AI-generated, or edited. The company announced the integration of the new feature during the Made by Google 2025 event. Content Credentials, secured by digital signatures, let users verify how media was created, helping spot AI-generated or altered files and boosting trust. Backed by the C2PA coalition, they provide a secure, industry-standard way to track media origin and history. Unlike traditional “AI vs. not AI” labels, which risk the “implied truth effect”, Google’s Pixel 10 applies Content Credentials to distinguish between content with verifiable proof of creation and media without such provenance. “Content Credentials convey a rich set of information about how media such as images, videos, or audio files were made, protected by the same digital signature technology that has secured online transactions and mobile apps for decades. It empowers users to identify AI-generated (or altered) content, helping to foster transparency and trust in generative AI. It can be complemented by watermarking technologies such as SynthID.” reads Google’s announcement. “Instead of categorizing digital content into a simplistic “AI” vs. “not AI”, Pixel 10 takes the first steps toward implementing our vision of categorizing digital content as either i) media that comes with verifiable proof of how it was made or ii) media that doesn’t.” reads Google’s announcement. Pixel Camera adds Content Credentials to all JPEG captures per C2PA specifications, while Google Photos applies them to AI and non-AI edits, validating and showing details in the About panel. Google’s C2PA implementation is built to be secure from silicon to apps, verifiable without exposing personal data, and usable offline, fostering trust in digital media authenticity. Google’s Pixel 10 achieves C2PA Assurance Level 2, the highest defined, using Tensor G5, Titan M2, and hardware-backed Android APIs to secure provenance data. This ensures media integrity through verified hardware trust, genuine devices, certified apps, and tamper-resistant key storage. Privacy is preserved with anonymous attestation and one-time-use cryptographic keys, preventing traceability across images. To guarantee reliability even offline, Pixel integrates an on-device trusted time-stamping system, maintaining verifiable proof long after certificates expire. This approach balances strong security, privacy, and usability. In its first rollout of Content Credentials on Android and Pixel 10, Google prioritized privacy, security, and usability. The company invites other implementers to adopt the same hardware and software security foundations, stressing that the full value of these technologies depends on broad ecosystem adoption and collaboration to ensure transparency and trust in digital media. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, PIXEL)
Published: 2025-09-10T18:17:27