User Experience Guidance

Research consistently shows that identity is one of the strongest trust signals audiences look for when evaluating content. CAWG identity assertions should be easy to locate, clearly understandable, and visually distinct from other provenance information in a C2PA Manifest.

Not all identity assertions hold the same level of verifiability. Likewise, not all C2PA implementers will choose to display identity information, even if present in a C2PA Manifest. Therefore, verified identities should be surfaced prominently within progressive disclosure interfaces (L1-L3) and visually differentiated from referenced or self-declared information. Hierarchy within the identity section helps establish clarity and confidence.

Representing individual human and organizational identity enhances the value of Content Credentials in many contexts but also introduces sensitivity around privacy. Actors must be informed of any personally identifiable information included in their Content Credentials and provided the option to add, remove, or decline inclusion prior to Manifest signing.

Implementations should communicate verification status and issuer relationships clearly to help audiences assess credibility. When identity is backed by a trusted certificate authority, implementers should disclose who verified the information, the verification method, and the corresponding root of trust. Manually entered or unverified information must be labeled accordingly.

CAWG implementations should maintain parity with the overall C2PA UX guidance. Terminology, progressive disclosure levels, and interaction models should align to ensure users experience Content Credentials consistently across implementations and contexts.

CAWG identity assertions should appear as a distinct group within a C2PA Manifest display, separate from general C2PA assertions. Within this section, verified identities should be presented before referenced or self-declared identities to establish a clear hierarchy of trust across the levels of progressive disclosures.

Identity information should follow the progressive disclosure model established by the C2PA UX progressive disclosure framework:

Hierarchy should be applied both across disclosure levels and within the identity section itself, ensuring that verified identities are visually and semantically distinct from referenced ones. When multiple actors are associated with an asset, roles and trust levels should determine their order of presentation.

Verification is a core differentiator in identity-based Content Credentials. Verified identities are generally considered more trustworthy than self-asserted or manually entered names. Implementers should make verification states explicit through clear labeling and iconography.

CAWG identity assertions represent named actors, which can include human individuals and organizations. Implementers should distinguish these cases clearly and present them in ways that reflect their differing trust models and verification paths.

CAWG identity assertions can include linked social profiles and websites as secondary trust signals. When verified through OAuth or DNS validation, these links should inherit verified user interface treatment.

When manually entered, they must be clearly labeled as referenced or unverified. For example, actors may describe their relationship to an asset using standardized roles such as creator, editor, publisher, etc. Because this is a self-attested assertion, it’s important to distinguish this from other verifiable identity information.

Implementers should align with each verification badging and verification conventions to preserve familiarity and ensure audiences interpret trust signals consistently. Consistent terminology promotes interoperability and helps audiences understand each contributor’s involvement.

CAWG metadata assertions can be included in an interface display, preferably in as a referenced assertion and attested to by a named actor. This provides for the inclusion of information in a C2PA Manifest of assertions like an asset title, license, media identifiers, or any field referenced from standards such as XMP, IPTC, or Exif.

Metadata assertions are usually provided by the actor themselves, but they can also include information verified by another trusted party. When metadata is not attributed to the signer of the C2PA manifest, it should be treated as a referenced assertion within the CAWG identity section. Implementers should clearly show the difference between self-declared and verified metadata so that manifest consumers can understand which information is more trustworthy.

Metadata information should appear in a distinct section, visually separate from verified identity and C2PA provenance data.

Verification status may change over time. When validation fails due to credential expiration, issuer revocation, or trust-chain issues, the user interface must present a clear message explaining the current status and, when possible, link to issuer or verifier details.

Messages should use plain language and appear within the context of the identity section rather than as a global error.

Correctly identifying and displaying trust signals is of paramount concern for our overall user experience. CAWG and C2PA strive to understand the value consumers will apply to content attribution through ongoing user research studies and usability testing.

There are many potential and general use cases that will warrant further user research and design recommendation to understand the needs of actors using CAWG assertions or consuming them. Additional use cases include topics like support for multiple actors and displaying chosen names instead of verified ones. Unlike C2PA assertions that disclose immutable information about how an asset was created or edited, identity information may be thought of more fluidly. Considerations for enabling mutability for identity assertions should be explored, allowing human actors to maintain maximum control over how they express themselves and preferences for their content.