imgkeya reference

Image provenance & authenticity, explained plainly.

A static reference for understanding how digital images prove where they came from — and the standards, tools, and limits behind that proof. Built for journalists, engineers, lawyers, and anyone who needs to tell what's real in an era of synthetic media.

34 pagesupdated 2026no trackingno signup

Start here if you're new: read Why image provenance matters, then Provenance vs. authentication vs. detection. Those two pages frame everything else.

Looking for something specific? The index below is exhaustive. Every page is self-contained and citable.

01

Fundamentals

6 pages
  1. 1.1
    Why image provenance matters now
    The collapse of visual trust, the deepfake curve since 2023, and why detection alone cannot keep up.
  2. 1.2
    Provenance vs. authentication vs. detection
    Three concepts that are routinely conflated. Each answers a different question and has different limits.
  3. 1.3
    Threat models for image manipulation
    Who alters images, what they want, and where each provenance approach succeeds or fails against them.
  4. 1.4
    A short history of image manipulation
    From 19th-century darkroom retouching to GAN-era synthesis. Authentication is older than photography.
  5. 1.5
    What provenance cannot prove
    A credential confirms a claim was made — not that the camera was pointed at what the caption says.
  6. 1.6
    Glossary
    Assertion, claim, manifest, hard binding, soft binding, durable credential, JUMBF, CBOR, and more.
02

C2PA & Content Credentials

8 pages
  1. 2.1
    The C2PA standard: overview
    The coalition, the spec timeline from v1.0 to v2.4, and how Content Credentials relate to the broader CAI.
  2. 2.2
    How Content Credentials work, end to end
    A walkthrough from capture to display: hashing, signing, embedding, transmission, and verification.
  3. 2.3
    Inside a C2PA manifest
    JUMBF containers, CBOR encoding, claim signatures, the manifest store, and how validators traverse them.
  4. 2.4
    Assertions and claims
    The vocabulary of provenance: actions, ingredients, training-mining flags, AI generation, and custom assertions.
  5. 2.5
    Hard bindings vs. soft bindings
    Cryptographic hashes break on a single bit change; watermarks and fingerprints degrade gracefully. Both matter.
  6. 2.6
    Durable Content Credentials
    Surviving social-media re-encoding: how watermarks and fingerprints recover stripped manifests from a repository.
  7. 2.7
    The C2PA trust list and certificate model
    X.509 chains, the official Trust List, the legacy ITL freeze in January 2026, and what "unknown source" means.
  8. 2.8
    Adoption status: cameras, phones, AI tools
    Inventory of shipping implementations: Leica M11-P, Pixel 10, Sony α-series, Firefly, DALL·E, Sora, Imagen.
03

Watermarking & Fingerprinting

4 pages
  1. 3.1
    Invisible watermarking explained
    Frequency-domain embedding, spread-spectrum techniques, capacity vs. robustness, and what "invisible" actually means.
  2. 3.2
    SynthID and AI-generator watermarks
    Google's SynthID, Meta's Stable Signature, OpenAI approaches, and the EU AI Act marking requirement.
  3. 3.3
    Perceptual hashing and fingerprinting
    pHash, dHash, PDQ, and how Meta and Microsoft use them. The math behind "same image, different file."
  4. 3.4
    Attacks on watermarks
    Geometric distortion, regeneration, paraphrasing attacks, and the academic record of what survives what.
04

Detection & Forensics

5 pages
  1. 4.1
    AI image detection: methods and accuracy
    Classifier-based detection, frequency-spectrum tells, and why benchmark numbers don't survive the wild.
  2. 4.2
    Classical image forensics
    Error Level Analysis, noise residuals, JPEG ghosts, CFA artifacts, lighting and shadow consistency.
  3. 4.3
    Reverse image search workflows
    Google Lens, TinEye, Yandex, Bing — what each one indexes well, and how to chain them for verification.
  4. 4.4
    Reading image metadata
    EXIF, XMP, IPTC, ICC profiles, thumbnails, and the maker-note fields that betray more than photographers expect.
  5. 4.5
    Visual indicators of AI generation
    A current (2026) field guide to what diffusion models still get wrong, and what they have stopped getting wrong.
05

Verification in Practice

3 pages
  1. 5.1
    How to verify an image: a workflow
    A repeatable checklist combining provenance inspection, metadata, reverse search, and forensic indicators.
  2. 5.2
    Verification tools, compared
    Content Credentials Verify, FotoForensics, InVID, Truepic Lens, and what each tool tells you it doesn't.
  3. 5.3
    Newsroom verification workflows
    How AP, Reuters, BBC Verify, and Bellingcat work in practice — desks, tooling, and decision criteria.
06

Policy & Regulation

3 pages
  1. 6.1
    The EU AI Act and provenance
    Articles 50 and 52, the August 2026 deadlines, machine-readable marking, and what "deepfake" means in the text.
  2. 6.2
    US laws affecting image provenance
    California SB 942, Texas SB 751, Minnesota HF 1370, and the patchwork of election and intimate-imagery statutes.
  3. 6.3
    Platform policies and metadata handling
    What Meta, X, TikTok, YouTube, and LinkedIn do to C2PA manifests on upload — and which preserve them.
07

Use Cases

3 pages
  1. 7.1
    Provenance for journalism
    Project Origin, the BBC and CBC pilots, and editorial workflows for credentialed news photography.
  2. 7.2
    Provenance for legal evidence
    Chain of custody, Federal Rules of Evidence 901 and 902, and what courts have actually said about C2PA.
  3. 7.3
    Provenance and privacy
    Identity assertions, the surveillance risk of always-on signing, and what the C2PA spec deliberately leaves out.
08

Reference

2 pages
  1. 8.1
    Specifications index
    Direct links to primary documents: C2PA spec versions, JPEG Trust, ISO 22144, IPTC standards, JUMBF (ISO 19566-5).
  2. 8.2
    Further reading
    A curated bibliography: papers, books, court opinions, and reporting that shaped the current landscape.