Google has stamped an invisible marker into more than 100 billion AI-generated images and videos, and you have probably scrolled past a few of them today without noticing. It is called SynthID, and as of May 2026 it also rides inside pictures made by ChatGPT. A SynthID image watermark hides in the pixels themselves rather than in the file's metadata, which is why it survives the screenshot-crop-repost cycle that erases every other clue about where a picture came from. Most explainers stop there. The part they skip is how to read the result you get back, and that is where almost everyone goes wrong.

The short version
SynthID is an invisible watermark that Google DeepMind embeds into AI-generated pixels at the moment an image is created, so it survives cropping, filters, compression, and screenshots that strip normal metadata. Anyone can check for it free by uploading the image to the Gemini app and asking whether it was created or edited by AI. A watermark hit is strong evidence the picture came from a SynthID-enabled generator like Gemini, Imagen, Veo, or ChatGPT. A miss proves nothing, because plenty of AI tools embed no watermark at all, which is why SynthID belongs in a verification workflow rather than at the end of one.

What a SynthID Image Watermark Actually Is

SynthID is a watermarking system built by Google DeepMind that marks content as AI-made without changing how it looks. It launched in 2023 for images from Imagen, and it now covers images, video, audio, and text across Google's AI products. The word "watermark" is doing unusual work here. There is no logo in the corner, no translucent text, nothing your eye can find at any zoom level. The signal lives in small, deliberate adjustments to pixel values, spread across the entire frame.

That design choice is the whole point. Traditional origin information sits in metadata, and metadata is fragile. Screenshot an image, upload it to a social platform, or re-save it in another format, and the metadata is usually gone. The pixels stay. So SynthID puts its evidence inside the picture instead of on a label attached to the file.

How Google Hides a Signal Inside the Pixels

Two neural networks do the work, and they are trained together. One embeds a pattern into the image while it is being generated, learning to hide it where human vision is worst at noticing change. The other learns to recover that pattern later, after the image has been through editing and compression. Because they improve against each other, the embedder gets better at hiding and the detector gets better at finding, which is how the signal ends up both invisible and durable.

Two details matter if you verify images for a living. First, the watermark goes in during generation rather than being bolted on afterwards, which is a large part of why it is hard to strip cleanly. Second, it is spread across the picture instead of parked in one corner, so a crop of a watermarked image usually still carries enough signal to be identified. The trade-off: this is a learned statistical pattern, not a cryptographic signature. It can indicate that AI made something. It cannot prove who made it, when, or with which model.

What the Watermark Survives, and What Wipes It Out

Google says the watermark is designed to hold up through cropping, added filters, color changes, resizing, and lossy compression, and to survive a screenshot. That covers nearly everything an ordinary person does to an image between seeing it and resharing it, which is exactly the design brief: the mark should still be there after the picture has been through the internet.

It is not indestructible, and Google has never said it was. DeepMind's own phrasing is that SynthID is not foolproof against extreme image manipulation. Independent researchers have found the same shape of result. Ordinary edits and random noise barely dent it, while attacks that rebuild the pixels from scratch, such as running the picture back through another AI model, are what actually break the signal. Anyone who tries usually pays for it in image quality.

There is a quieter failure mode that matters far more day to day. A watermark can cover only part of a picture. Photograph a real street, then use an AI editor to add a crowd, and only the generated region carries the mark. Google's detection tools account for this and can report that a portion of an image is AI-generated rather than the whole thing. That partial result is the one that trips people up, because they came looking for a yes or a no.

How to Check an Image for SynthID in Under a Minute

The everyday method is free and takes about thirty seconds. Open the Gemini app, upload the image, and ask whether it was created or edited by AI. Gemini looks for a SynthID watermark and reports what it finds, including whether only part of the image is marked. Google said at I/O 2026 that this check had already been run 50 million times worldwide, and that it is expanding the same capability into Search and Chrome, so the question can be asked where people already look at images.

Gemini screenshot showing a SynthID watermark detection result for an uploaded image
SynthID watermark detection result

Two other routes exist, both with limits worth knowing. The SynthID Detector portal, the dedicated verification tool DeepMind announced in 2025, is still not open to the public; access runs through an early-tester waitlist aimed at journalists, media professionals, and researchers. OpenAI also has a verification preview of its own that checks for a SynthID watermark and content credentials, but only for images its own products created.

Quick check
Upload the file to the Gemini app and ask: "Was this image created or edited by AI?" Then read the answer for three things, in this order. Was a watermark actually found? Does it cover the whole image or only a region? And is the tool describing a real watermark, or guessing from visual artifacts? That last one matters most, because a guess is not evidence.

f you want a second opinion that does not depend on a watermark existing at all, that is where pixel forensics earns its keep. Run the same file through our free AI image detector and compare the two answers. Agreement raises your confidence quickly. Disagreement tells you exactly where to dig next.

The Mistake Almost Everyone Makes With a Clean Result

A common mistake I notice: someone runs a suspicious photo through a checker, sees "no watermark found," and treats it as proof the photo is real. It is not. It is proof that this specific image does not carry this specific watermark, which is a far smaller claim than it feels like.

Think about what would have to be true for a clean result to mean anything. The picture would have to have come from a generator that embeds SynthID in the first place, and it would have to have survived any processing harsh enough to degrade the signal. Neither is guaranteed. Anyone running an open-weight model on their own machine can produce an image with no watermark of any kind, and that is precisely the population you worry about when you are chasing a fake. Watermarking is a transparency system for cooperating tools. It was never a trap for uncooperative ones.

A SynthID hit tells you an image is synthetic. A miss tells you almost nothing at all.

Who Embeds SynthID Now, and Who Still Doesn't

For most of its life, SynthID was a Google-only feature marking output from Imagen, Gemini, and Veo. That changed at Google I/O 2026, when OpenAI, Nvidia, Kakao, and ElevenLabs were named as adopters. OpenAI's move is the one that reshapes detection work in practice: in May 2026 it began adding both a SynthID watermark and C2PA content credentials to images from ChatGPT, the OpenAI API, and Codex.

100 billion+ images and videos watermarked with SynthID since its 2023 launch, plus 60,000 years of audio, according to Google's I/O 2026 announcement

Now the gap. Midjourney, Stable Diffusion, FLUX, Grok, and the long tail of open-weight models running on people's own GPUs are not on that list, and neither is anything a determined bad actor can download and run offline. The coverage map comes down to this: the biggest commercial generators are increasingly marked, and everything else is not. That is real progress on accountability for mainstream tools, and close to zero progress on the images most likely to be used to deceive you.

SynthID and C2PA Answer Two Different Questions

You will see these two named together constantly, and they are not rivals. C2PA content credentials are signed metadata: a record of which device or tool made a file, when, and what edits followed. SynthID is a signal hidden in the pixels. The first carries rich detail and is easy to destroy. The second carries almost no detail and is hard to destroy.

Which is why the industry is stacking them rather than picking one. Screenshot a credentialed image and the metadata disappears, but a SynthID watermark rides along in the pixels. Keep the file intact and the credentials tell you a story no watermark could. Google now checks both in the Gemini app, and Pixel phones have started writing content credentials at the moment of capture, which builds the other half of the picture: evidence that a camera, not a model, produced the file.

Watermarks tell you a machine was involved. Content credentials tell you who was involved. Neither one tells you whether the picture is true.

Where SynthID Fits in a Real Verification Workflow

Treat SynthID as the cheapest signal to collect first, not as the verdict. When an image matters enough to check properly, this is the order I would work through.

Start with origin signals: ask Gemini for a SynthID check, and look at any content credentials attached to the file. If either confirms AI involvement, you are finished, and the image is generated or AI-edited. If nothing turns up, move on rather than concluding anything. Next, interrogate the file itself: metadata, resolution, compression history, and whether the picture has any documented life before the moment someone showed it to you. A reverse image search often ends the whole investigation by surfacing the original.

Then run a model-based detector that hunts for the statistical fingerprints of generation instead of a watermark, since that works whether or not the generator cooperated. Finally, weigh the context: who published it, what claim it supports, and whether anyone else recorded the same moment. Each step gives you a probability rather than a verdict, and stacking them is how you reach a confident answer.

Gemini reporting no SynthID watermark next to an ELA detector flagging the same photo as fifty percent AI generated
Same file, two different answers: Gemini found no SynthID watermark, while an ELA-based detector flagged the image as fifty percent likely computer generated or modified
Before you call an image real
No watermark plus no content credentials equals no information, not innocence. Only treat a picture as authentic when you have positive evidence for it: an original file with intact credentials, a reverse image search that reaches a credible source, or corroboration from someone who was actually there.

Questions People Actually Ask About SynthID

Can a SynthID image watermark be removed?
Not through normal editing. Cropping, filtering, compressing, and screenshotting all leave it intact, which is precisely what it was built for. Google concedes it is not foolproof against extreme manipulation, and researchers have shown that rebuilding an image through another AI model can destroy the signal. That kind of attack tends to wreck the picture along the way, and it does nothing to make the image any less synthetic.
Does a SynthID watermark mean the image is fake?
It means AI generated or edited it, which is not the same thing as fake. A product photo tidied up with an AI eraser and a fabricated news scene can both carry the mark. The useful detail is usually not the yes or no but the scope: whether the whole image is watermarked, or only the region someone added.
Can I detect SynthID without using Google's tools?
Not reliably. Unlike C2PA, which is an open standard anyone can implement, SynthID detection runs through Google's own detector, whether you reach it through the Gemini app, Search, Chrome, or the waitlisted portal. Partners such as OpenAI can verify watermarks in images from their own products, but there is still no independent, open way to read the signal yourself.
Does SynthID work on video, audio, and text too?
es, with different strengths. Video watermarks are embedded frame by frame and audio watermarks sit in the sound itself, so both hold up well. Text is the weak one: the mark rides on word-choice probabilities, so heavy rewriting or translation can wash it out, and short passages carry too little signal to judge.

What to Do the Next Time an Image Looks Off

SynthID is the best invisible marker anyone has shipped at scale, and it now sits inside a large share of the AI images you will meet this year. It answers one question well: did a cooperating AI tool make this? It cannot answer the question you usually care about, which is whether the thing in the picture ever happened.

So build the habit instead of trusting the tool. Next time an image makes you pause, spend sixty seconds on it: ask Gemini whether it carries a watermark, then run the same file through our free AI image detector for a second opinion that does not depend on the generator having played along. Two signals, one minute, and a much better answer than a shrug.