How to Verify an AI-Generated Image: C2PA vs SynthID

When you encounter an image and want to know whether it was AI-generated, two distinct verification layers exist: C2PA Content Credentials and Google's SynthID watermark. They work through different mechanisms, carry different amounts of information, and require different tools to inspect. Understanding what each layer does, and where each fails, is the practical starting point for any verification workflow.

The dual-layer model: why two systems exist

No single provenance mechanism handles every situation. C2PA Content Credentials offer rich, cryptographically verifiable detail about an image's origin and edit history. SynthID embeds an imperceptible watermark directly into the pixel values of an image. Each layer targets the weakness of the other.

A screenshot of an AI-generated image destroys the C2PA manifest. The screenshot creates a new file with no container metadata from the source. SynthID survives that operation because the watermark lives in the pixel data, which the screenshot copies intact.

Conversely, SynthID can tell you that an image came from a SynthID-enabled generator, but nothing more. It carries no creator identity, no edit history, no timestamp. C2PA provides all of that, for files that travel with their metadata intact. Together they give the verification ecosystem a fallback: full provenance context when the file survives intact, and a minimal AI-origin signal when the file has been stripped and re-shared.

Layer 1: C2PA Content Credentials

C2PA Content Credentials are a signed provenance record embedded in the file container of an image, video, or audio file. When an AI generator like Adobe Firefly or the ChatGPT image tool creates an image, it writes a manifest into the file that records the tool name, creation date, and any edits applied. That manifest is signed with a certificate, so any modification to the file after signing invalidates the signature.

The manifest structure is defined by the C2PA specification and is an open standard. Any verifier with the spec can read and validate a manifest without relying on a proprietary service. That openness is a meaningful advantage over watermarking systems that require the creator's proprietary detector.

What C2PA tells you

A typical C2PA manifest includes the name of the software or hardware that created the file, a timestamp, the name of the organization or person that signed the manifest, and a list of assertions covering any edits made to the content. For a photo taken on a Pixel 10, the manifest records the camera model and the capture timestamp. For an image from Adobe Firefly, it records the AI tool name and the fact that the content is AI-generated.

For a deeper look at what's inside a manifest, the guide on inspecting C2PA metadata walks through each field in detail.

Where C2PA falls short

C2PA metadata is fragile. The manifest is stored in the file container, not in the pixel data. Any operation that writes a new file without copying the original container metadata destroys the manifest. The most common such operation is a screenshot: the operating system captures the visible pixels and writes a fresh PNG or JPEG with no trace of the original file's metadata.

Social media platforms compound this. Most major platforms transcode uploaded images and videos, stripping container metadata in the process. A C2PA-signed image uploaded to a platform that does not explicitly preserve credentials will arrive at the viewer's device with no manifest.

The C2PA specification is explicit on this point: absent credentials are not evidence that content is inauthentic. They mean only that the manifest did not survive the distribution path. Why provenance matters covers this broader context in more depth.

Layer 2: SynthID

SynthID, developed by Google DeepMind and launched in 2023, takes a different approach. Instead of embedding a metadata record in the file container, it modifies the pixel values of an image in ways that are imperceptible to humans but detectable by a trained classifier. The watermark is distributed across the entire image rather than concentrated in a single location, which makes it robust to operations like cropping, resizing, and JPEG compression.

Because the watermark lives in the pixel data, it survives a screenshot. The screenshot copies the modified pixels. The classifier, run against those pixels, still detects the watermark pattern even though the file is now a different container with no original metadata.

What SynthID tells you

SynthID detection produces a signal: "this image was generated by a SynthID-enabled system." That is the extent of the information. The watermark carries no creator identity, no tool name, no edit history, and no timestamp. It is a binary flag, not a provenance record.

As of May 2026, Google DeepMind reports that over 100 billion images, videos, and audio files have been watermarked with SynthID. New adopters announced in May 2026 include OpenAI, Kakao, ElevenLabs, and Nvidia. The watermark is present in outputs from Google's Imagen models, Gemini, and now ChatGPT's image tools.

Where SynthID falls short

SynthID has two principal limitations. First, information poverty: the watermark signals AI origin but nothing else. It cannot tell you which tool produced the image, who created it, or whether the image has been edited. For verification purposes, that is useful as a trip wire but insufficient as a provenance record.

Second, detection requires Google's proprietary infrastructure. The watermark pattern and the detector model are not open-source. A third-party developer cannot implement SynthID detection independently; there is no public specification comparable to the C2PA spec. Detection is only available through Google's SynthID Detector portal, the Gemini app, and increasingly through Google Search and Chrome as that rollout continues.

How to check each layer in practice

Checking C2PA Content Credentials

C2PA Viewer at c2paviewer.com reads the full Content Credentials manifest from any supported file. Drop a file onto the inspector and the manifest appears: creator, tool, timestamp, and edit history. Everything runs locally in your browser via WebAssembly. The file never leaves your device.

That local processing matters for privacy. Many verification workflows involve sensitive documents or images you may not want to upload to an external server. C2PA Viewer resolves that: full manifest parsing with no upload.

For a fuller guide to what each field in the manifest means, see how to verify C2PA content.

Checking SynthID

C2PA Viewer cannot detect SynthID watermarks. That is not a gap in the tool; it reflects how SynthID works. The detector model and the watermark key are proprietary to Google DeepMind and are not available as an open library. Implementing SynthID detection requires access to Google's infrastructure, which is not publicly licensed. Any tool claiming to detect SynthID without using Google's own API is making an unsupported claim.

For SynthID detection, use one of the tools Google provides:

• SynthID Detector: Google's verification portal. Access is rolling out through a waitlist for journalists, researchers, and media professionals. Details are on the Google DeepMind SynthID page.
• Gemini app: the SynthID verification feature at gemini.google.com checks images, video, and audio for a SynthID watermark. This is the option available to most people today.
• Google Search and Chrome: as of the May 2026 announcement, native C2PA and SynthID detection is coming to these surfaces. Rollout is ongoing.

When an image has no provenance signals at all

Many images circulating online carry neither C2PA metadata nor a SynthID watermark. This is the most common situation, not the exception. The absence of provenance signals does not tell you whether an image is authentic, AI-generated, or manipulated.

C2PA metadata is stripped by screenshots, by most social media transcoders, and by any image editing workflow that does not explicitly preserve manifest data. SynthID only exists in outputs from generators that have adopted it, which excludes the majority of AI image tools currently in use.

The practical implication: treat provenance signals as positive evidence when they are present. A valid C2PA manifest with an intact signature from a known organization is meaningful evidence about the file's origin. A detected SynthID watermark is useful confirmation of AI generation. But the absence of either signal is not evidence of authenticity. It means only that no signal was detected.

This is why the C2PA specification explicitly states that verifiers should treat absent credentials as inconclusive rather than as a mark of suspicion. A photojournalist's authentic camera image will typically carry C2PA credentials if the camera supports it. But a legitimate photo taken on a phone that does not yet implement C2PA will carry none, and that tells you nothing about whether the photo is real.

Which tool to use for each layer

The practical routing is straightforward:

• C2PA layer: use C2PA Viewer for private, local inspection with no upload required. The full manifest is parsed in your browser. For a second opinion, the Content Authenticity Initiative's verify.contentauthenticity.org is the other widely-used open tool.
• SynthID layer: use the SynthID verification feature in the Gemini app at gemini.google.com, or the waitlisted SynthID Detector portal. Detection requires uploading the image to Google's service. There is no local option for SynthID.

For completeness, run both checks. A file with a valid C2PA manifest gives you the full provenance record. A file with a SynthID watermark gives you confirmation of AI origin even if the manifest was stripped. A file with both gives you the strongest possible provenance signal currently available.

Frequently Asked Questions