OpenAI adopts Google's SynthID watermarking and C2PA metadata to detect AI-generated images

Google's SynthID AI watermarking tech is being adopted by OpenAI, Nvidia, and more

In a few short years, we've gone from easily identifying AI content that featured superfluous fingers to images and videos that look shockingly realistic. How can we know what's real in the age of AI? Google's answer is SynthID, which it first demonstrated three years ago. The company says SynthID has since been used to label 100 billion images and videos, plus 60,000 years' worth of audio. Those numbers are only going up now that SynthID is expanding beyond Google. SynthID is not Google's only AI labeling strategy. It's also committed to the C2PA standard, which tags content with metadata describing how it was created. Google began using C2PA more prominently with its Pixel 10 smartphones. Photos taken with the Pixel 10 include metadata describing how they were processed. If a highly zoomed image includes generative elements, it gets an AI tag, too. Google now says this same feature is coming to videos recorded on Pixel 8, 9, and 10 phones in an update in the coming weeks. It's also adding C2PA scanning to Gemini, allowing the chatbot to explain a file's providence based on the content labeling. This same capability will come to Chrome and Search in a few months. That metadata is fungible, though. On the other hand, SynthID is deeply integrated with AI-generated content. The digital watermark is present in the pixels of images and videos and in the waveform of AI songs and audio overviews from products like NotebookLM. According to Google DeepMind scientist Pushmeet Kohli, the team worked hard to ensure SynthID is much harder to remove, even if you compress it, crop it, or rotate it. "A technology like this will always be attacked," said Kohli. "There was a lot of research that we did in making SynthID robust to different kinds of transformations."

OpenAI is making it easier to check if an image was made by their models

With AI image generators widely available online and more sophisticated than ever, it's never been harder to tell if an image is authentic. But on Tuesday, OpenAI announced two new measures to help fight the problem. The company has committed to an open standard called C2PA, which adds a clear signal in metadata that an image was generated by AI. OpenAI is also partnering with Google to include an invisible watermark called SynthID, which will be harder to detect, but also harder to erase if bad actors try to cover their tracks. The new protections only apply to images generated by OpenAI products, so they won't affect the flood of imagery coming from less reputable AI tools; they can help ensure that OpenAI isn't part of the problem. OpenAI is also previewing a public verification tool that will check for both signals, allowing users to easily test whether an image was generated using AI. Initially, the tool will only extend to images generated by OpenAI products; the company hopes to expand it to cover other tools over time. Founded in 2021, the Coalition for Content Provenance and Authenticity (C2PA) is a non-profit dedicated to mitigating the harmful effects of AI imagery on public discourse. The C2PA standard has been adopted by a range of Google products, but adoption remains inconsistent across the industry. Because the C2PA signal is clearly accessible in the metadata of each file, it can be manipulated, and is most useful among trusted users. SynthID is a newer effort designed to be a more robust measure to meddling. Developed by Google, the SynthID watermark is designed to persist even when bad actors attempt to remove it, either through screenshots, resizing or digital manipulation. The two systems are meant to complement each other, with each addressing the other's weaknesses. "Watermarking can be more durable through transformations like screenshots, while metadata can provide more information than a watermark alone," OpenAI noted in its announcement. "Together, they make provenance more resilient than either layer would be on its own."

OpenAI's new image watermarks make it easier to spot AI fakes - here's how

OpenAI now uses C2PA metadata and SynthID watermarks.Hidden pixel signals can help identify AI-generated images.A public OpenAI verification tool is also rolling out. Today, OpenAI announced what it calls content provenance signals across its image ecosystem. In other words, it's tagging its AI-generated images as AI-generated. This is not new. OpenAI and other AI tools have been embedding metadata in AI-generated images since 2024. The problem was that the metadata tagging was pretty easy to defeat. What is new is that OpenAI is upping its image ID security game with some fancy new tech. Also: I tested ChatGPT Images 2.0 vs. Gemini Nano Banana to see which is better - this model wins There's a lot going on here. To help put it in perspective, we're going to travel all the way back to 440 BC and one dude's bad hair day. Steganography is the practice of embedding cryptographic information in plain sight, basically using techniques to conceal messages in such a way that the cryptographic intent of the messages is not immediately apparent. In other words, knowing someone or something is carrying a code is halfway to cracking the code. According to modern research, in the fifth century BCE, Herodotus of Halicarnassus, writing in the books Terpsichore and Polymnia of his nine-book Histories, tells the story of how, "Around 440 B.C. Histiæus shaved the head of his most trusted [assistant] and tattooed it with a message which disappeared after the hair had regrown. The purpose was to instigate a revolt against the Persians." Apparently, this technique was used as recently as World War II. Also: I tested ChatGPT Plus vs. Gemini Pro to see which is better - and if it's worth switching If you've ever watched a TV detective show where a hidden message is revealed by reading every few letters of an otherwise ordinary note, you've seen a text-based example of steganography. As encryption goes, it's weak. But if you don't know there's a message in the note, you might not try to decrypt it. Steganography has been used in digital images for years to embed text information among the millions of pixels that make up a picture. This allows senders to embed images that are displayed in plain sight. It also allows creators to embed ownership and origination information into an image in a way that's very difficult to defeat. We'll come back to steganography in a moment because it's key to today's OpenAI announcement. But first, let's go back to the future, but not all the way. Our next stop is 2024. OpenAI has been embedding metadata in images generated by DALL-E 3, ImageGen, and Sora since 2024. You can use a tool like Content Credentials to examine that data. Google's Nano Banana and other image-generating AI tools also embed some metadata in their images. Also: I stopped using ChatGPT for everything: These AI models beat it at research, coding, and more Here's an example of images generated by ChatGPT on the left and Nano Banana on the right. As you can see, the metadata is properly available. Content Credentials can display the data. On the other hand, when I took a screenshot of each image, which captured the pixels but not the underlying metadata, Content Credentials merely reported "Something went wrong." The image capture completely eliminated the metadata associated with the original image file. This, among other things, is what OpenAI and Google are trying to fix. According to OpenAI, "We've been building toward this for some time. We have used visible watermarks in Sora and an audio watermark in Voice Engine, and have continued to test and research accuracy and reliability over time, through deployment." OpenAI says, "We recently took the step of making OpenAI a C2PA Conforming Generator Product. By becoming C2PA conformant, we are giving platforms a trusted way to read, preserve, and pass along the provenance information we attach to our content." Let's unpack that. C2PA is the Coalition for Content Provenance and Authenticity. It has a C2PA Conformance Program, which "provides assurance that products adhere to the Content Credentials specification, and fulfill a set of security requirements to ensure they are producing and validating C2PA data correctly." Also: How to learn ChatGPT in an hour - for free In other words, the content metadata is standardized, secure, and contains enough information to make it useful. OpenAI is doing this for all its image offerings. Its PR rep told me, "all images generated by ChatGPT and OpenAI (including the OpenAI API and Codex) contain these provenance signals." Signals. Plural. That brings me to the big hammer of this announcement. Google DeepMind's SynthID is a multimodal digital watermarking mechanism that embeds invisible digital watermarks in text, images, video, and audio. This is some snazzy tech. Interestingly, given that Google and OpenAI are arch-competitors, OpenAI is now incorporating SynthID technology in all the images the company generates. For images, SynthID is pixel-based. A subtle steganographic-like signal is embedded into images right when they're generated. The identity data is imperceptible to the human eye, but detection tools can read the data. This digital watermark remains in the image even after resizing, cropping, compression, and color adjustments. It transfers to screenshots. The digital signature is baked into the entire image, rather than just showing up in a small area of the image. Also: I tried ChatGPT Images 2.0: A fun, huge leap - and surprisingly useful for real work So even though Nano Banana puts its little diamond in the corner of images it generates, it also embeds a much more comprehensive signal throughout the entire image. There's one additional fascinatingly powerful aspect of SynthID that OpenAI didn't mention: SynthID can watermark text, apparently without affecting the quality of the text. What it does is very subtly choose which token is used in each block of text so that what's generated can be scanned to find a statistical signature that detector software can identify. This capability has not been announced by OpenAI and is therefore probably not used in ChatGPT, but it is used in Gemini. As with C2PA, OpenAI is embedding SynthID into images generated through ChatGPT, Codex, and the OpenAI API. Concurrent with the announcement of the C2PA compliance and SynthID capabilities, OpenAI is announcing the availability of a public verification tool you can use to see if something was generated by one of OpenAI's AI tools. I'm writing this the night before the official announcement goes public. By the time you read this article, you should be able to test the tool at https://openai.com/research/verify/. Also: I compared how Gemini, ChatGPT, and Claude can analyze videos - this model wins I'm very curious about the limits of this tool and also how well it works in concert with SynthID. What happens, for example, if you pull part of an image from ChatGPT and use it with a real photograph as part of a Photoshop composition? Does it report how much was AI tagged? We'll check back on this with real-world tests at some point after the tool is released. According to OpenAI, "No single provenance technique is enough on its own. We believe a strong approach combines shared standards, durable watermarking signals, and public verification. By building on our long-standing support for Content Credentials, becoming conformant with C2PA, adopting SynthID, and previewing public verification tooling, we hope to contribute in the long run to a more interoperable provenance ecosystem." Would you check an image's provenance if a detection tool made it easy? Let us know in the comments below.

OpenAI says it's getting serious about AI detection and labeling

OpenAI is announcing updates today that aim to make it easier for people to identify when online content has been generated using its AI models. Alongside strengthening its commitment to embedding generated works with C2PA content credentials -- currently the most recognized provenance standard for checking how image, video, and audio content was made or edited -- OpenAI will now also apply Google's SynthID watermarks to provide a "multi-layered approach" for AI labeling tools. "These two systems reinforce each other. C2PA helps content carry detailed context; SynthID helps preserve a signal when metadata does not survive," OpenAI said in its announcement. "Watermarking can be more durable through transformations like screenshots, while metadata can provide more information than a watermark alone. Together, they make provenance more resilient than either layer would be on its own." SynthID watermarking will initially be applied to images generated by ChatGPT, Codex, or the OpenAI API. The callout for metadata preservation is interesting -- anecdotally, I've seen SynthID used more reliably by fact checkers and media agencies to verify deepfake images online compared to C2PA. This expansion to cover both could make content generated by OpenAI less likely to slip through gaps in verification systems, making deepfakes easier to distinguish and helping online platforms to label generated or AI-manipulated content for their users. As part of this expansion, OpenAI is also previewing a public verification portal that will allow users to see if images carry AI metadata or watermarks. When an image is uploaded, the portal will check C2PA and SynthID provenance signals to flag if it was generated with ChatGPT, the OpenAI API, or Codex. This is limited to images generated by OpenAI to start, but the company says it aims to support other verification systems in the coming months and eventually expand to more types of content that people encounter online. "No detection method is foolproof, so we take a cautious approach in cases when detection fails," OpenAI writes. "If no metadata or watermark is detected, for example, the tool will not make a definitive conclusion about whether the image was generated with OpenAI tools since provenance signals can in some cases be stripped." OpenAI has also joined the C2PA Conformance Program. According to the program description, this "provides assurance that products adhere to the Content Credentials specification, and fulfill a set of security requirements to ensure they are producing and validating C2PA data correctly." It's worth noting that OpenAI has been embedding C2PA data into image and video content for some time, however, and the system has done little to help with reliably identifying OpenAI's deepfake content in the wild. That's because the metadata can be easily removed when it leaves the platform it was originally posted to -- some platforms even accidentally remove it during the upload process.

OpenAI adds C2PA metadata and SynthID watermarks to AI images

The dual-layer approach pairs visible metadata with invisible watermarks, but it only covers OpenAI's own products. OpenAI has announced two new measures designed to help the public determine whether an image was created by its AI models. The company is formally joining the Coalition for Content Provenance and Authenticity (C2PA) open standard while simultaneously partnering with Google to embed its invisible SynthID watermark across OpenAI's image outputs. The moves represent a meaningful step toward transparency in AI-generated imagery, though their scope remains limited to content produced by OpenAI's own tools. The C2PA standard, founded in 2021 by Adobe, Arm, the BBC, Intel, Microsoft, and Truepic, attaches metadata to a file that records its origin and any edits made along the way. It has since been ratified as an ISO standard and adopted by a range of Google products, though adoption remains inconsistent across the wider industry. Because the C2PA signal sits in a file's metadata, it is clearly accessible, which also means it can be stripped or manipulated. The standard is most reliable among trusted users and platforms that choose to preserve it. SynthID, developed by Google DeepMind, takes a different approach. Rather than attaching readable metadata, it embeds an invisible watermark directly into the image. That watermark is designed to persist even through screenshots, resizing, compression, and other forms of digital manipulation, making it far harder for bad actors to remove. The two systems are intended to complement each other. As OpenAI explained, watermarking offers durability through transformations such as screenshots, while metadata provides richer contextual information than a watermark alone. Together, the company argues, they create a provenance system more resilient than either layer would be independently. Alongside the announcement, OpenAI is previewing a public verification tool that checks for both C2PA credentials and the SynthID watermark. The tool will allow anyone to upload an image and determine whether it was generated by one of OpenAI's models. For now, the tool only covers images produced by OpenAI's products, though the company has said it hopes to expand its scope over time. That is a significant limitation. The flood of AI-generated imagery circulating online comes from a vast ecosystem of tools, many of which have little incentive to adopt provenance standards. OpenAI's new measures can help ensure the company is not contributing to the problem, but they will do nothing to address images from less scrupulous sources. The announcement arrives amid growing concern from governments and civil society about the role of AI-generated content in misinformation and public discourse. C2PA has attracted more than 6,000 members and affiliates as of early 2026, and its specification reached version 2.1 last year. OpenAI has now joined the coalition's steering committee, positioning it alongside Adobe, Microsoft, and other founding members in shaping the standard's future direction. Google, for its part, has been expanding SynthID adoption across its own products. The partnership with OpenAI marks the first time the technology will be embedded in a major rival's outputs, a notable instance of cross-industry collaboration on AI safety and transparency. Still, the practical impact of these measures depends on how widely they are adopted beyond the companies already at the table. Detecting AI-generated content remains a cat-and-mouse challenge, and provenance signals are only as useful as the platforms willing to check for them. OpenAI's dual-layer approach is a sensible technical foundation, but the harder problem, getting the rest of the industry to follow suit, is one no single company can solve alone.