Guide
Google’s SynthID, C2PA, and steganographic signals — decoded. How they work, why they exist, and what actually disrupts them.
When you generate an image with tools like Google’s Imagen, Gemini, Adobe Firefly, or Stable Diffusion, the resulting file often contains more than what you can see. Alongside the visible pixels, AI companies embed a hidden signal — an invisible watermark — designed to identify the content as AI-generated.
Unlike the visible watermarks you’re used to (logos, text overlays, semi-transparent stamps), these signals are imperceptible to the human eye. You cannot see them, but specialized tools can detect them — and platforms increasingly use them to label or restrict AI-generated content.
SynthID is Google DeepMind’s watermarking system, embedded across Imagen, Veo (video), Lyria (audio), and Gemini-generated content. As of late 2025, it has watermarked over 10 billion pieces of content.
It works by subtly altering pixel values in the frequency domain of the image — modifying patterns invisible to humans but detectable by a trained model. It’s designed to survive cropping, resizing, JPEG compression, and basic color adjustments.
Strength: High · Survives: Most edits · Detectable via: Google’s SynthID tool
C2PA is an industry standard backed by Adobe, Microsoft, Google, and Sony. Instead of hiding a signal inside pixels, it attaches a cryptographically signed manifest to the file’s metadata. This manifest records the content’s origin: who created it, when, and with what tool.
Adobe Content Credentials (used in Firefly-generated images) are based on C2PA. Unlike SynthID, C2PA credentials are easily removed — simply re-saving or converting the file often strips the metadata.
Strength: Low · Survives: Basic edits only · Detectable via: contentcredentials.org/verify
Some providers use classical steganography — hiding a binary payload inside the least significant bits of pixel color values. This is the oldest form of digital watermarking. Stable Diffusion uses it by default.
These are the most fragile: aggressive JPEG compression, resizing, or re-encoding typically destroys them entirely.
Strength: Low · Survives: Minimal edits · Detectable via: Specialized LSB tools
The stated goals are generally:
Technically, yes — but with caveats that depend on the type.
SynthID
The hardest to remove. Research shows that diffusion model re-rendering disrupts it with ~79% success, because the process rewrites pixel statistics across the entire image, destroying the frequency-domain patterns where the watermark lives. Other methods — aggressive filters, format re-encoding — degrade detection confidence rather than eliminate the signal completely.
C2PA / metadata
Trivially removable: a simple format conversion (PNG → JPG), stripping EXIF data, or re-saving in any editor that discards metadata eliminates it. The trade-off is losing the verifiable provenance chain.
Steganographic
Generally fragile. JPEG re-compression at lower quality, aggressive resizing, or any re-encoding operation typically destroys LSB-based watermarks.
How Goodbye Watermark works
Goodbye Watermark uses a multimodal AI model to edit your image — rewriting pixel values throughout the entire frame to cleanly remove visible watermarks like logos, text overlays, and stamps.
Because this process regenerates pixel statistics from scratch, it also disrupts frequency-domain signals like SynthID — the same mechanism behind diffusion re-rendering, which research places at ~79% effectiveness. C2PA metadata is discarded entirely in the output file.
Note: this is a byproduct of how the model works, not a guaranteed feature. Results may vary by image and watermark strength.
SynthID Detector
Google's public tool for checking images generated by Imagen or Gemini for a SynthID signal.
aisandbox.withgoogle.com/ →Content Credentials Verify
Adobe's verification tool that reads C2PA manifests and displays the full provenance chain.
contentcredentials.org/verify →ExifTool
Free command-line tool that reads all metadata from image files, including C2PA and standard EXIF fields.
Hive Moderation
API-based AI content detector that classifies images as AI-generated with high accuracy, regardless of watermark presence.
Ethics note: Removing invisible watermarks to misrepresent AI-generated content as human-made can violate platform terms of service and, in some jurisdictions, emerging AI transparency laws. Use this information responsibly.
Invisible AI watermarks are becoming standard practice as the industry grapples with provenance, transparency, and regulation. SynthID is the most robust, C2PA is the most interoperable, and steganographic approaches are the most fragile.
For most users, the watermark you actually need to remove is the visible one — the logo on a preview image, a stock photo stamp, or an AI generator’s branding. As a byproduct of full-image AI regeneration, invisible watermarks are often disrupted in the process too.
Related articles
Ready to remove a watermark?
Free, no signup required. 5 images per day.