What is Google's SynthID watermark?

SynthID embeds an invisible frequency pattern into Gemini AI images during generation, meant to prove AI origin without altering looks.

How was SynthID cracked?

Researchers generated 200+ Gemini images, averaged noise to find the consistent signature, then inverted it – slashing detectability by over 75%.

Not all, but it guts embedded watermark schemes; behavioral tracking (what the AI actually did) is the scalable fix.

🤖 AI Dev Tools

Google swore SynthID was invisible and unbreakable. Researchers proved it wrong with 200 images and some averaging. AI trust just got a lot shakier.

theAIcatchup Apr 10, 2026 3 min read

SynthID's consistency made it crackable via basic averaging attacks – a flaw in all embedded AI proofs. 𝕏
Shift from origin attestations to behavioral telemetry: track actions, not pixels. 𝕏
This failure boosts systems like Commit, where trust comes from real-world history, not hidden patterns. 𝕏

Published by

Ship faster. Build smarter.

#AI trust #AI watermark #Google Gemini #SynthID #behavioral telemetry

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by dev.to