We hand every file you publish a cryptographic birth certificate — tamper-evident, machine-verifiable, and defensible under the EU AI Act and California SB 942. Files erased on sign, no quality loss, no ambiguity about who made what.
Images, video, audio, documents — up to 500 MB. Your file is briefly held on a so the cryptographic signature can be embedded.
A locks the content. For images we weave in a robust that survives screenshots.
Image & video get a signed ; audio & documents get our own envelope. Your file leaves with the signature baked in, and the server-side copy is deleted the same second — we keep the hash and certificate, never the file.
Drag the divider. The image is identical on both sides — our DNA Mark is invisible by design, so it survives screenshots, recompression, and crops without ever announcing itself. The one visible artefact is the official Content Credentials logo on the watermarked half — the same disclosure mark recognised by Adobe, the BBC, and the EU AI Act's safe harbour.
Drag to compare · DNA Mark is invisible · Optional CR logo ships with every certified file
Every certificate is a small, self-describing record. Nothing proprietary. Nothing hidden. Hover any underlined word for a plain-English translation.
The cryptographic fingerprint of your exact bytes. Change one pixel and the hash changes completely — that's how tampering gets caught instantly.
A second fingerprint that captures what the image looks like, not its bytes. Catches a thief who re-exports your image to hide the tampering.
What you said this is: a real camera capture, fully AI-generated, or a hybrid of both. Forms the provenance trail everyone downstream can trust.
The record — signed with so any standards-compliant viewer verifies it.
A timestamp we sign alongside the hash. Combined with the audit log, it answers the legal question: “when did this first exist as certified?”
The disclosure regimes this certificate satisfies. Machine- readable, so a verifier can answer compliance questions without a human reading the metadata.
Each medium gets the protections that fit it. The certificate is identical; the path to get there isn't.
The full stack runs on images: , signed manifest, and the industry-standard overlay.
Professionals ship video at maximum quality — any re-encode is lossy by definition, so we refuse to touch the bitstream. The certificate is . Want a visible pin? Download an overlay PNG and composite it in Premiere, DaVinci or Final Cut.
Audio engineers mix at bit-perfect precision, so we never touch a single sample. The signature rides in the file's , so the container header changes by a few hundred bytes but the sound is untouched.
PDFs are a linear stream: anything after the trailing marker is ignored by readers, so we park our signed envelope there. Your document opens identically in every viewer, but our validator can pull the envelope out and verify it instantly.
You tag every file with one of three labels at certification. That declaration is signed into the manifest and surfaces on every downstream verifier.
Fully synthetic output from a generative model. The certificate records the model used and declares no real-world capture.
A camera or microphone recording of the real world. No generative AI touched this file. The strongest provenance claim.
Real capture later edited or enhanced with AI. The middle ground — honest about what happened, trusted because it's disclosed.
We didn't guess. Every layer — the hash, the signature, the visible pin, the declaration, the audit log — exists because a specific regulation or standard demands it. That traceability is the difference between a badge and a defence.
One caveat: this is content provenance, not CE marking. CE (AI Act Art. 48) applies to the AI system itself, not its outputs.
Requires of AI-generated content. Every file we sign — C2PA manifest for image & video, DNA Watermark envelope for audio & PDF — clears the technical bar.
Californian law mandates both and disclosure for large AI providers. We issue both at once.
Your file is held on our servers only for the seconds it takes to embed the signature, then deleted the instant the certificate is issued. We retain the SHA-256 hash and the signed manifest — never the file. Nothing to breach, nothing to subpoena.
Image and video certificates validate in any C2PA-aware tool: Adobe Content Credentials, verify.contentcredentials.org, BBC Verify, and every social platform adding support in 2026. Audio and PDF ride on our DNA Watermark envelope and verify at /validator— we'll converge with C2PA as audio & document support land.
Tap any card to flip it. Search if you already have a term in mind.
Common questions
One minute, one file, one signature. Nothing to install.