How to Strip C2PA Content Credentials From an Image
C2PA Content Credentials are signed provenance metadata in the file container. Learn where they live, reliable ways to remove them, and how to verify the file is clean.
C2PA Content Credentials are cryptographically signed provenance records that ride along with an image file. They can state that a picture was made or edited with AI, name the model and tools involved, and stamp a timestamp. The “Made with AI” label you may have seen when inspecting an image is one of them. The important thing to understand is that this information is stored as container metadata, not baked into the pixels. That single fact governs how you remove it and how easily.
Where C2PA data is stored
C2PA uses a JUMBF box to hold its signed manifest, and that box is embedded into a format-specific slot in the container. This is why the same credential can be handled slightly differently depending on how you exported the file.
| Format | Where the manifest is stored |
|---|---|
| JPEG | An APP11 marker segment carrying the JUMBF box |
| PNG | A caBX chunk in the chunk stream |
| WebP | A dedicated C2PA chunk in the RIFF container |
| AVIF / HEIC | A metadata box within the ISO base media container |
Ways to remove Content Credentials
Since the credential is attached to the container, the reliable approaches all come down to producing a fresh file that never had the manifest written into it. Any of these works:
- ExifTool. ExifTool removes C2PA along with EXIF and XMP in a single command, including AI-origin tags. It is the most surgical option because you keep the pixels untouched.
- Re-save through an editor. Opening the image and exporting a new copy typically writes a container without the original manifest.
- Canvas re-encode. Drawing the image to an HTML canvas and calling toBlob produces a file with no container attachments at all: C2PA, EXIF, XMP, and ICC are all dropped.
- Screenshot. A screenshot builds a new file from displayed pixels, so it inherits none of the source provenance metadata.
- Upload to a platform that re-encodes. Many social platforms strip C2PA on upload as a side effect, though you do not control whether or when they do.
Verify the file is actually clean
Never assume. Confirm. Drop the edited file into contentcredentials.org/verify. A file with the credential removed reports “No Content Credentials found.” This step catches the WebP passthrough problem and any editor that quietly preserved the manifest.
What removing C2PA does not do
Clearing the credential removes a declared, signed provenance record. It does not make an image indistinguishable from a human-made one. Two other things are untouched: statistical AI-image classifiers, which analyze the pixels directly and ignore metadata entirely; and any imperceptible SynthID-style pixel watermark, which lives in the image content and survives every metadata-stripping method above. Newer ChatGPT images can carry both a C2PA credential and a SynthID pixel signal. See our guide on removing a ChatGPT and DALL·E watermark for that combination.
If your image has an embedded pixel signal in addition to the credential, that requires diffusion regeneration to disrupt, and the outcome is not guaranteed. Our AI watermark remover and C2PA removal flows handle the supported layers together. Delete SynthID supports JPEG, PNG, WebP, AVIF, HEIC, and HEIF up to 20MB, and your first image is free. See pricing for the rest.
Last reviewed July 11, 2026. This guide is general product and publishing information, not legal advice.