DigiCert launches content trust manager for AI media

DigiCert has launched Content Trust Manager as part of its DigiCert ONE platform.

The product is aimed at organisations seeking to verify the origin and integrity of digital media as AI-generated and altered content becomes more common online.

Content Trust Manager lets users attach verifiable credentials to images, video and other digital assets, allowing viewers to see where material came from, how it has changed and who made those changes. Delivered as a managed service, it is designed to spare customers from building their own signing infrastructure.

The product uses cryptographic signing and verification through DigiCert's public key infrastructure and adopts the Coalition for Content Provenance and Authenticity, or C2PA, standard. Backed by technology groups including Adobe, Microsoft and Google, the standard is intended to keep provenance information attached to files as they move between systems.

Shift in approach

The launch reflects a broader shift in how companies approach content verification. Metadata and platform signals can be removed or altered, pushing organisations towards cryptographic methods that offer a stronger way to prove authenticity.

Deepika Chauhan, Chief Product Officer at DigiCert, outlined the company's view of the challenge.

"Trust in digital content is under pressure as AI makes it easier than ever to create and alter images, video, and other media," said Deepika Chauhan, Chief Product Officer, DigiCert.

"What's needed is a consistent, scalable way to attach trust directly to content itself. Content Trust Manager brings together DigiCert's global PKI and C2PA's open standards to attach trusted, tamper-evident credentials to digital media," Chauhan said.

The product supports signing through APIs, browser tools and some on-premises deployments. It also includes certificate issuance, key management and timestamping within the service.

DigiCert is targeting large businesses, media groups and public sector bodies that need to show where digital content originated and whether it has been changed. The company also said the product could help organisations demonstrate responsible AI practices and respond to regulatory demands around content authenticity.

Broader platform

Content Trust Manager also incorporates functions from DigiCert's Document Trust Manager, bringing document and media verification together in one platform. Customers can therefore manage authenticity measures across different forms of digital content rather than treating documents and media as separate categories.

DigiCert also linked the product to its Device Trust Manager business, which focuses on signing content at the point of capture. Under that model, device manufacturers can embed C2PA certificates into cameras, microscopes and scanners so content can be signed and timestamped when it is created.

The aim is to create a chain of trust from the source file onwards, rather than adding provenance only after content enters an editing or publishing workflow. For sectors where image integrity matters, such as media, research and parts of government, source-level signing could become an important part of establishing authenticity.

Jennifer Glenn, Research Director for IDC Security and Trust Group, said the market was moving towards standards-based verification.

"The growth of AI-generated content requires organisations to prove authenticity to preserve and maintain trust," said Jennifer Glenn, Research Director, IDC Security and Trust Group.

"By embracing C2PA standards and the proven trust of PKI, organisations can build the cryptographic foundation needed to verify provenance and authenticity of digital content, ensuring credibility and trust with customers," Glenn said.

Content Trust Manager is available now as part of DigiCert ONE and is intended to let organisations sign images, video and other assets with credentials that remain independently verifiable as the content is shared or edited.