OpenAI today announced what it calls content provenance signals across its image ecosystem. In other words, it's now tagging AI-generated images as AI-generated, using a combination of standards and advanced technology to make those tags much harder to remove.

This is not entirely new. OpenAI and other AI tools have been embedding metadata in AI-generated images since 2024. However, that metadata tagging was relatively easy to defeat—screenshots, resizing, or re-saving images could strip out the hidden information. What is new is that OpenAI is upping its image identification game with two key technologies: C2PA metadata and Google DeepMind's SynthID digital watermarks.

Stega what, now?

Steganography is the practice of embedding information in plain sight. It has ancient roots: around 440 BC, Herodotus recorded how Histiaeus shaved a messenger's head, tattooed a message, and waited for hair to regrow before sending the messenger. In the digital world, steganography hides data within image pixels, audio samples, or text—often undetectable to the human eye or ear. It's a weak form of encryption if someone suspects it, but it's powerful when the presence of hidden data is not obvious.

OpenAI's new approach leverages digital steganography through SynthID. While earlier methods placed metadata in file headers—easily stripped—SynthID bakes the watermark directly into the pixels themselves. This means even after cropping, resizing, compressing, or taking a screenshot, the watermark remains readable by detection tools.

Standard metadata formatting: C2PA

OpenAI also became a C2PA Conforming Generator Product. C2PA, the Coalition for Content Provenance and Authenticity, provides a standardized framework for attaching secure metadata to digital content. This metadata includes information about when, where, and how the content was created, as well as which AI model generated it. By becoming C2PA conformant, OpenAI ensures that platforms can reliably read and preserve these provenance signals.

“We recently took the step of making OpenAI a C2PA Conforming Generator Product,” the company stated. “By becoming C2PA conformant, we are giving platforms a trusted way to read, preserve, and pass along the provenance information we attach to our content.”

This metadata is now embedded in all images generated through ChatGPT, the OpenAI API, and Codex. It includes both the C2PA content credentials and the SynthID watermark. The combination creates a layered approach that is far more resilient than previous methods.

Hidden digital watermarks: SynthID

Google DeepMind's SynthID is a multimodal digital watermarking technology. For images, it works by subtly altering pixel values in a way that is imperceptible to humans but detectable by algorithms. These alterations embed a unique signal that survives common transformations like blurring, color adjustments, and even screenshots.

SynthID is already used by Google in its Gemini-powered tools. Now OpenAI has adopted it across its image generation services. This is notable because Google and OpenAI are direct competitors, yet they share this technology for the greater good of content provenance.

One fascinating aspect of SynthID is that it can also watermark text without affecting its quality. By making very subtle choices in token selection during generation, a statistical signature is embedded that detection tools can identify. While OpenAI has not yet announced text watermarking for ChatGPT, Google's Gemini already uses this capability.

New public verification tool

Concurrent with these announcements, OpenAI released a public verification tool available at openai.com/research/verify/. Users can upload an image to check whether it was generated by an OpenAI AI tool. The tool reads both C2PA metadata and SynthID watermarks, providing a clear verdict on origin.

The verification tool is expected to handle edge cases, such as partial images from AI combined with real photographs. However, OpenAI acknowledges that no single technique is sufficient alone. “We believe a strong approach combines shared standards, durable watermarking signals, and public verification,” the company noted.

This tool represents an important step toward a more interoperable provenance ecosystem, where anyone—from journalists to casual users—can quickly verify the authenticity of visual content.

Why this matters for spotting AI fakes

The combination of C2PA metadata and SynthID watermarks addresses a critical weakness in earlier AI detection efforts. Previously, metadata could be stripped by simply taking a screenshot or re-saving the image in a different format. With SynthID, the watermark is embedded in the actual pixel data, making it far more durable.

For example, when the older metadata approach was tested, a screenshot of an AI-generated image resulted in Content Credentials tools reporting “Something went wrong” because the metadata was lost. The new SynthID watermark remains intact even after such transformations, providing a reliable way to identify AI-generated content.

This is especially important in an era of deepfakes and digital disinformation. As AI image generation becomes more realistic, the ability to verify authenticity becomes crucial for news organizations, social media platforms, and individual users. OpenAI's new provenance signals are a step in the right direction, but they are not a silver bullet. Other AI companies, such as Google and Adobe, are also developing similar technologies, and industry-wide adoption will be necessary for broad success.

The verification tool is currently in preview, and OpenAI plans to iterate based on feedback. In the coming months, we can expect further refinements and wider integration across platforms. For now, anyone concerned about the provenance of an image can use the tool to check whether it originated from an OpenAI model.

Would you check an image's provenance if a detection tool made it easy? The technology is here, and it's becoming easier to use every day.

Source: ZDNET News