A photo appears in your feed. Perfect lighting, stunning detail, slightly uncanny. AI-generated — or a real photo? Until now: shrug and guess. From now on: check.
In mid-May 2026, OpenAI announced that all images coming out of ChatGPT — via DALL-E 3 — carry two types of markers: one visible, one invisible. Sounds minor. It isn't.
What's inside?
The system has two layers.
C2PA metadata (Content Credentials): Imagine every image carries a digital ID card. Inside: Created with DALL-E 3, date, time, any edits. This information is embedded in the file itself — invisible to the eye, but readable by software. This isn't an OpenAI solo project: the C2PA coalition (Content Provenance and Authenticity) developed this standard. Adobe, Microsoft, Google, and now OpenAI are all on board.
SynthID watermark: Developed by Google. Literally woven into the pixels, so subtly that humans see nothing. Software does. And the key point: the watermark survives cropping, compression, rotation, and re-saving. That's the crucial detail — standard metadata disappears with a simple screenshot. SynthID stays.
Why not just one method?
Because each method alone has a weak spot.
C2PA metadata? Take a screenshot. Done. The provenance info is gone. SynthID alone? Technically robust, but: who checks it if no standard tool is available?
Together they work better. If the metadata is missing but the watermark is still there — someone tried to cover their tracks. The signal is already the finding.
What can I do with this?
OpenAI has announced a public verification tool: upload an image, get two answers. Are Content Credentials present? Is a SynthID watermark detected?
Already usable today: contentcredentials.org — check many images there, provided the source participates. Free. No account, no subscription.
The catch — because there always is one
First: New images only. Everything DALL-E generated before this update carries no watermark. The old catalog is unmarked.
Second: SynthID is not open source. Whether an image came from Midjourney, Stable Diffusion, or Gemini — you can't check with this, unless those providers join in. Midjourney hasn't yet. Stable Diffusion is open source and fundamentally uncontrollable.
Third: Determined attackers can remove watermarks. Research papers exist on this. SynthID is robust — but not unbreakable. It's a speed bump, not a lock.
Short version: this system helps against the casual, careless sharing of AI images. Against deliberate misuse, it's not a miracle cure.
Still: a real step forward
The interesting thing isn't the technology itself — it's the movement toward an industry standard. OpenAI is doing it, Google is doing it, Adobe is doing it (Firefly), Microsoft is doing it. When enough providers participate, the verification tools become genuinely useful.
The comparison: photo attribution. Before: shrug. Now: EXIF data, metadata, digital signatures. Perfect? No. Better than nothing? Clearly.
For AI images, we're just getting started.
What you can do right now
- Images from ChatGPT that you forward: they stay marked. That's actually a good thing.
- Bookmark the verification tool: contentcredentials.org — works today.
- Keep in mind: watermarks protect against fully AI-generated images — not against real photos that have been manipulated.
AI-generated images aren't going away. But you no longer have to trust blindly.