How it works

An extension built for visual trust

Start by signing content in a C2PA-compliant format, either with an imported certificate or with an integrated test certificate, then verify and explain the provenance signals found in files and pages.

Sign with a certificate

Add C2PA Content Credentials using an imported certificate, or generate an integrated test certificate for demos and validation workflows.

Verify a file

Drop an image into the popup to read its C2PA manifest, integrity status, certificate details and useful metadata.

Scan a page

Analyze visible images in the current tab and display badges to distinguish verified, signed, unsigned or invalid content.

Status colors

A short flow for a clear decision

Open the extension, read the status, then explore the full report.

Trusted

Valid Content Credentials + recognized certificate chain.

Signed but untrusted

Cryptographically valid signature, certificate not publicly trusted.

Invalid

C2PA data present, but integrity or signature validation failed.

No credentials

No C2PA evidence detected. This does not mean the content is fake.

Open the full report to inspect the manifest, actions, signature and PKI trust details.

Use cases

Concrete workflows for teams that publish or verify images

Editorial and newsroom checks

Before publishing or reusing an image, verify whether it has Content Credentials, who signed it and whether the file still matches its manifest.

Brand and communication teams

Sign campaign visuals, product images or press assets so partners can verify the origin and detect later modifications.

Trust, compliance and investigation

Inspect the signature, certificate chain and trust result when a visual asset needs evidence, not just a visual guess.

Developers and integration teams

Generate test certificates, validate signing flows and prepare a C2PA workflow before connecting production PKI or hardware-backed certificates.

Certificates

Create test credentials or use your own certificate chain

The extension supports the full signing workflow: generating C2PA-compatible test certificates for demos, importing existing certificates and keys, or relying on hardware-backed certificates when your environment provides them.

T

Test certificate creation

Generate a test certificate for development, demos and internal validation, then sign media in a C2PA-compliant format without needing a production PKI first.

PKI

Certificate import

Import your own certificate and private key when you already have signing material, so generated manifests can use your organization's identity.

HW

Hardware-backed support

Use certificates provided through hardware support such as a security token, smart card or HSM-backed setup, keeping private keys outside the extension whenever configured.