SynthID
C2PA
Provenance And Watermarking

6 Jul 2026

Nano Banana SynthID And C2PA: Provenance And Watermarking Deep Dive

Nano Banana SynthID and C2PA guide showing AI image protection, fingerprint verification, and content authenticity for 2026.

Introduction

Every image generated by Nano Banana 2 leaves the model with two invisible provenance signals: Google’s SynthID pixel watermark and a C2PA Content Credentials manifest.

Neither is normally visible when someone looks at the image. However, both can be detected using compatible verification tools.

The important difference is where they live:

  • SynthID is embedded directly into the image pixels.
  • C2PA is attached to the image file as cryptographically signed metadata.

Because of this distinction, SynthID can survive many common image edits, while C2PA metadata may disappear when an image is processed by an incompatible platform or application.

If you publish AI-generated images in real estate listings, advertising campaigns, news articles, stock libraries, or client projects, you need to understand what these systems record, who can inspect them, and what happens when an image is edited.

New to the model itself? Start with our complete guide to Nano Banana. For practical visual workflows, explore our Nano Banana interior design guide.

The 30-Second Version

SynthID and C2PA serve different but complementary purposes.

TechnologyWhat It DoesWhere It LivesMain Advantage
SynthIDIdentifies content generated or edited by supported Google AI modelsInside the image pixelsCan survive common edits and metadata removal
C2PARecords the origin and modification history of a media fileInside signed file metadataProvides detailed, machine-readable provenance
Combined ApproachHelps verify both AI origin and content historyPixels and file metadataCreates a layered provenance system

Here is the essential summary:

  1. SynthID is an invisible pixel-level watermark embedded during generation. It is designed to remain detectable after common transformations such as compression, filtering, cropping, and screenshotting.
  2. C2PA Content Credentials are cryptographically signed records attached to the file. They may include information about how the image was created, which tool was used, and what changes were made afterward.
  3. Nano Banana 2 uses both systems. Google describes Nano Banana 2 as combining SynthID with interoperable C2PA Content Credentials to improve AI-image identification and provenance.
  4. These technologies help answer whether AI was involved in creating or editing an image. They do not prevent someone from misusing that image.

What SynthID Actually Does

SynthID is Google DeepMind’s invisible watermarking technology for AI-generated images, video, audio, and text.

For images, SynthID modifies pixel values during generation using tiny, structured changes. These changes are designed to remain imperceptible to viewers while still being detectable by Google’s verification systems.

For Nano Banana 2 specifically, Google states that generated images include SynthID so that they can later be identified as AI-generated.

For a more introductory explanation, read our guide to visible and invisible SynthID watermarks.

Why SynthID Is Different From Metadata

Traditional metadata can be removed simply by downloading, re-saving, screenshotting, or uploading an image to another platform.

SynthID is different because it is incorporated into the visual data of the image itself. Removing the file metadata does not automatically remove the watermark.

Google says SynthID is designed to remain detectable after transformations such as:

  • Image compression
  • Colour adjustments
  • Filters
  • Resaving in lossy formats
  • Cropping
  • Screenshotting
  • Minor visual edits

Google has demonstrated that SynthID can remain detectable after filters, colour changes, and lossy compression. However, no watermark should be treated as completely indestructible.

What SynthID May Not Survive

SynthID detection can become less reliable when an image is heavily altered.

Potential failure cases include:

  • Extreme resizing
  • Severe cropping that removes most of the original image
  • Repeated low-quality compression
  • Major inpainting or reconstruction
  • Adversarial attacks designed specifically to remove watermarks
  • Large visual transformations that replace most of the original pixels

The result is not always a simple yes-or-no answer. Detection systems may return an uncertain result when the watermark has been weakened or when only part of an image contains AI-generated content.

What C2PA Actually Does

C2PA stands for the Coalition for Content Provenance and Authenticity.

It is an open technical standard that allows creators, publishers, software providers, camera manufacturers, and platforms to attach verifiable provenance information to digital media.

The user-facing implementation of the C2PA standard is commonly called Content Credentials.

Unlike SynthID, C2PA is not a pixel watermark. It is a structured and cryptographically signed set of records associated with the media file.

You can read the complete technical documentation in the official C2PA specification. For a simpler introduction, the C2PA FAQ explains how Content Credentials record the origin and history of media.

What A C2PA Manifest May Contain

Depending on the generating tool and implementation, a C2PA manifest can include:

Manifest FieldWhat It Tells You
GeneratorThe application, model, device, or service that created the content
Creation TimeWhen the content or credential was created
ActionsEdits, transformations, exports, or other operations
IngredientsOther assets used to produce the final image
Software InformationThe application or service involved in processing
Cryptographic SignatureEvidence that the credential has not been modified
Certificate InformationThe organisation or entity that signed the credential

C2PA assertions can cover creation details, editing actions, capture-device information, content bindings, and other provenance signals. These assertions are wrapped into a digitally signed claim.

How C2PA Verification Works

When a compatible tool reads Content Credentials, it performs several checks:

  1. It locates the C2PA manifest associated with the file.
  2. It checks whether the manifest is cryptographically signed.
  3. It validates whether the media still matches the signed data.
  4. It displays the recorded origin, tools, and editing actions.
  5. It warns the user when the credential is missing, invalid, or no longer connected to the current file.

A valid C2PA credential does not automatically prove that everything shown in an image is true. It proves that the signed provenance record has not been altered since it was issued.

SynthID Vs C2PA: What Each System Does

SynthID and C2PA should not be treated as competing technologies. They solve different parts of the provenance problem.

PropertySynthIDC2PA Content Credentials
LocationEmbedded in image pixelsAttached as signed file data or metadata
VisibilityInvisible during normal viewingInvisible until inspected
Main PurposeDetect whether supported Google AI was involvedRecord origin, tools, and modification history
Survives Metadata RemovalYesUsually no
Survives ScreenshottingOften, depending on image qualityNo, unless credentials are separately preserved
Survives CroppingCan survive moderate croppingDepends on how the edited file is exported
Survives CompressionDesigned to survive common compressionMay survive only when the processing tool preserves it
VerificationRequires a compatible SynthID verification systemCan be verified by C2PA-compatible tools
Tampering BehaviourDetection confidence may weakenCryptographic validation may fail
Best Question Answered“Was Google AI involved?”“Where did this file come from, and how was it changed?”

The systems are complementary by design.

SynthID can continue providing a signal after metadata is removed. C2PA provides much richer information when the credential remains attached and valid.

Together, they offer a layered approach:

  • SynthID provides durable AI-origin detection.
  • C2PA provides detailed and interoperable content history.

How To Detect SynthID In 2026

Google provides SynthID verification through supported Google experiences.

In the Gemini app, signed-in users can upload supported media and use the verification feature to check whether all or part of the content was generated or edited by Google AI.

Using Gemini To Check An Image

The precise interface may vary by device or account, but the general process is:

  1. Open the Gemini app.
  2. Upload the image you want to inspect.
  3. Ask Gemini whether the image was generated or edited using Google AI.
  4. Open the available verification or image-information option.
  5. Review the SynthID result.

A detected SynthID watermark means that all or part of the image was generated or edited using a supported Google AI system.

A negative result does not prove that the image is human-made. It may have been created by another AI provider, heavily modified, or processed in a way that weakened the watermark.

SynthID Detection For Developers

Google also offers watermark-generation and verification capabilities across parts of its cloud and enterprise AI ecosystem.

For example, Vertex AI documentation describes generating watermarked images and verifying supported watermarks. Google has also expanded enterprise tools for detecting and analysing AI-generated media.

Because watermark detection can become easier to attack when every technical detail is exposed, SynthID is not implemented as a completely open detection standard.

How To Read C2PA Metadata Yourself

Because C2PA is an open standard, developers can inspect compatible credentials using open-source tools and SDKs.

One widely used command-line utility is c2patool.

Installing C2patool

On macOS With Homebrew

brew install c2patool

Using Cargo

cargo install c2patool

Verifying A Nano Banana Image

Run the following command:

c2patool nano-banana-output.png

If the image contains a readable credential, the output can include details such as:

  • Generator or application name
  • Manifest assertions
  • Creation information
  • Signing certificate
  • Ingredient hashes
  • Editing actions
  • Validation results

Reading A Manifest With Python

The C2PA ecosystem also provides SDKs for programmatic workflows.

A simplified Python example may look like this:

from c2pa import Reader

with open("nano-banana-output.png", "rb") as image_file:

    reader = Reader.from_stream("image/png", image_file)

    manifest = reader.json()

    print(manifest)

The precise API may vary by SDK version, so check the current C2PA SDK documentation before using the example in production.

Using C2PA In A CI Pipeline

A platform can use C2PA verification during image ingestion or deployment.

A basic workflow could:

  1. Receive an uploaded image.
  2. Check for a C2PA manifest.
  3. Validate the signature and asset binding.
  4. Store the verification result.
  5. Flag invalid or missing credentials for review.
  6. Display provenance information in the publishing interface.

For media organisations, marketplaces, and enterprise content systems, this can form part of an editorial or compliance review process.

What Gets Stripped And How To Preserve It

The biggest practical limitation of C2PA is not the standard itself. It is the number of image-processing pipelines that remove metadata or generate a completely new output file.

A Content Credentials manifest may disappear when an image is processed through:

  • Generic image optimisers
  • Incompatible content-management systems
  • Social-media compression pipelines
  • CDN image transformations
  • Screenshot workflows
  • Basic export tools
  • Editors that do not preserve C2PA data

SynthID may continue to survive because it is embedded in the image pixels. The C2PA credential may not.

Research and real-world testing have shown that social-media processing can remove C2PA credentials even when the original image contained them.

Three Ways To Preserve Content Credentials

1. Use C2PA-Aware Editing Tools

Use software that supports Content Credentials and can append editing actions instead of silently removing the manifest.

Adobe tools such as Photoshop and Lightroom support Content Credentials workflows. Before exporting, confirm that the relevant Content Credentials settings are enabled.

2. Audit Your CDN And Optimisation Pipeline

Do not assume that your CDN or image optimiser preserves credentials.

Test every transformation used by your website:

  • Resizing
  • Format conversion
  • Compression
  • Thumbnail generation
  • Cropping
  • Responsive-image creation
  • WebP or AVIF conversion

Download the transformed output and verify it using c2patool or another compatible verifier.

3. Re-Sign At The Publishing Boundary

If your platform modifies uploaded content, consider creating a new credential that records the platform’s transformation.

Instead of breaking the provenance chain, your system can:

  1. Validate the incoming credential.
  2. Process the asset.
  3. Record the transformation.
  4. Sign the new output.
  5. Preserve a connection to the original ingredient.

For platforms publishing AI-generated content at scale, this is usually a more reliable architecture than stripping all provenance data and publishing an untraceable derivative.

What About API Outputs?

Google has stated that Nano Banana 2 combines SynthID and C2PA Content Credentials to improve image transparency. Its enterprise materials also describe coupling SynthID with interoperable C2PA credentials.

Google Cloud additionally states that C2PA credentials and invisible SynthID watermarks are enabled by default for newer supported image models and enterprise offerings.

However, developers should still test the exact surface and file format they use.

Outputs can behave differently depending on:

  • The specific model version
  • Gemini app exports
  • Google AI Studio
  • Gemini API responses
  • Vertex AI
  • Enterprise AI platforms
  • File format
  • SDK behaviour
  • Third-party wrappers
  • Post-generation processing

For implementation guidance, see our Nano Banana API tutorials and guides. You can also compare multi-model platforms in our Freepik AI review.

Always Test The Final Delivered File

Do not only verify the original API response.

Verify the file after it has passed through your entire pipeline:

Model output

    ↓

Application processing

    ↓

Image optimisation

    ↓

CDN transformation

    ↓

CMS upload

    ↓

Final downloaded asset

The final public asset is the file that matters

What This Means For Commercial Use

SynthID and C2PA are provenance technologies, not copyright licences.

Their presence does not automatically prevent commercial use. Instead, they make the image’s AI origin or processing history easier to verify.

Commercial rights still depend on factors such as:

  • The terms of the model or service
  • The user’s subscription or API agreement
  • The input images used
  • Trademark and publicity rights
  • Local advertising rules
  • Client contracts
  • Platform-specific policies
  • The nature of the final use

Why Provenance Matters For Client Work

If you deliver AI-generated images to clients, provenance information can affect:

  • Disclosure obligations
  • Approval processes
  • Licensing representations
  • Editorial policies
  • Advertising compliance
  • Marketplace acceptance
  • Contract language

Claiming that an AI-generated image is original photography can create reputational or contractual risk when its origin can later be detected.

A better approach is to disclose the use of generative AI clearly in your agreement and deliverables.

Commercial Scenarios Where Watermarks Matter

News And Editorial Publishing

Editorial organisations may use C2PA-aware systems to evaluate where an image originated and whether it was modified.

A valid credential can help a newsroom understand:

  • Which tool created the image
  • Whether AI was involved
  • Whether edits were recorded
  • Whether the file matches the signed manifest

However, C2PA should be treated as one trust signal rather than unquestionable proof that the depicted event is true.

Stock Photography And Asset Libraries

Stock platforms may label, restrict, or reject AI-generated submissions based on their individual policies.

Before uploading Nano Banana images, review the platform’s current requirements regarding:

  • AI disclosure
  • Model releases
  • Property releases
  • Prompt records
  • Intellectual-property restrictions
  • Editorial versus commercial use
  • Embedded metadata

Do not remove provenance information solely to avoid a platform’s AI-content rules.

Real Estate Listings

AI-generated staging can help buyers understand how an empty or unfinished space might look after furnishing.

However, AI staging can also become misleading if structural details, views, room dimensions, or permanent features are changed.

Some listing organisations and local markets require virtual staging to be disclosed. In these situations, provenance signals can support the disclosure process.

For practical examples, explore our Nano Banana interior design guide.

Advertising And Branded Content

Advertisers increasingly need to document how campaign assets were created, especially when an image depicts:

  • A public figure
  • A realistic person
  • A political event
  • A product claim
  • A testimonial
  • A sensitive event
  • A materially altered real-world scene

C2PA credentials can serve as part of an internal compliance record, while SynthID can help demonstrate that supported Google AI tools were involved.

The precise disclosure requirement depends on the country, platform, campaign type, and content.

Limitations Of SynthID And C2PA

Neither technology is perfect.

SynthID Can Be Weakened

Like other watermarking systems, SynthID exists in an ongoing technical contest between watermark creation and watermark removal.

Its reliability may decrease after:

  • Heavy editing
  • Extreme transformations
  • Repeated compression
  • Adversarial processing
  • Regeneration through another model
  • Large-scale pixel replacement

SynthID should therefore be viewed as a durable signal rather than an unbreakable lock.

C2PA Can Be Removed Accidentally

C2PA credentials may disappear during ordinary publishing workflows.

This means an image without Content Credentials is not automatically suspicious. The metadata may have been removed by a website, app, CDN, or export tool.

Absence of a credential is not proof of manipulation.

Provenance Is Not The Same As Truth

A valid credential can tell you where a file came from and which recorded actions were applied.

It cannot independently prove that:

  • The scene shown is real.
  • The person’s statement is accurate.
  • The image was captured in the claimed location.
  • The creator had permission to use every ingredient.
  • The caption is truthful.
  • The media is free from misleading context.

Provenance should be combined with editorial review, source verification, reverse-image search, and contextual investigation.

Neither System Necessarily Identifies The Prompter

SynthID may indicate that supported Google AI generated or edited an image.

C2PA may identify the application, model, device, or service involved.

Neither system necessarily reveals the personal identity of the user who entered the prompt. This protects user privacy, but it means the systems primarily answer:

“Was AI involved, and what processing history was recorded?”

They do not always answer:

“Which individual created this image?”

For a related discussion about how models preserve a subject across multiple generations, read our guide to Nano Banana character consistency.

What Is Coming Next

The broader direction is toward more visible and accessible provenance information.

Google has expanded support for SynthID and C2PA verification across its products and has described plans to make AI-image information easier to inspect in Search, Chrome, Gemini, and other user experiences.

The C2PA ecosystem also includes software companies, publishers, camera manufacturers, technology platforms, and creative-tool providers.

As adoption grows, users may increasingly see:

  • Content Credentials icons
  • AI-generated labels
  • Edit-history summaries
  • Provenance panels
  • Browser-level verification
  • Camera-signed media
  • Platform-generated disclosure badges

This will make provenance a visible part of normal publishing rather than a specialist feature hidden inside metadata tools.

What Developers And Platforms Should Do

Developers do not need an overly complicated provenance strategy. They need a consistent one.

PriorityRecommended ActionReason
1Audit every image-processing stepPrevent accidental credential removal
2Verify credentials during ingestionIdentify provenance before processing
3Store verification resultsPreserve evidence even if later formats change
4Re-sign transformed outputsMaintain a traceable content history
5Display provenance where usefulImprove transparency for users
6Keep original assetsAllow future re-verification
7Document failure casesAvoid treating missing metadata as proof of fraud

A Practical Ingestion Workflow

A platform accepting AI-generated submissions could use the following process:

Receive original file

    ↓

Check for C2PA credentials

    ↓

Run available AI-watermark verification

    ↓

Store original file and validation result

    ↓

Apply required image transformations

    ↓

Create or update output credentials

    ↓

Publish with a provenance indicator

Do Not Treat Verification As Moderation

Watermark and provenance checks should not automatically decide whether content is acceptable.

An AI-generated image may be legitimate, while a camera-generated image may still be deceptive.

Verification should inform moderation rather than replace it.

What Agencies And Freelancers Should Do

Agencies using Nano Banana for commercial projects should make AI disclosure part of their normal workflow.

Include AI Use In The Scope Of Work

State whether generative AI may be used for:

  • Concepts
  • Backgrounds
  • Retouching
  • Product mockups
  • Virtual staging
  • Advertising images
  • Social-media content
  • Final production assets

This avoids surprises when a client or platform later detects provenance signals.

Preserve The Original Files

Keep:

  • The original generated output
  • Prompt or project records
  • Client approvals
  • Edited working files
  • Final exports
  • Relevant licences
  • Verification results

These records may be useful when a client, marketplace, or publisher asks how the content was produced.

Test Optimisation Before Delivery

Do not assume that an optimised image still contains its original credentials.

Verify the actual file being sent to the client after:

  • Compression
  • Resizing
  • Format conversion
  • Photoshop export
  • CMS upload
  • Cloud storage processing

Explain Provenance As A Benefit

For many clients, transparent provenance is not a disadvantage.

It can provide evidence that:

  • The asset was created using approved tools.
  • The workflow followed disclosure requirements.
  • The image was not falsely represented as photography.
  • Edits were documented.
  • The agency used a responsible production process.

The Bottom Line

Nano Banana 2’s use of SynthID and C2PA represents a layered approach to AI-image provenance.

SynthID is embedded in the pixels and is designed to survive common transformations. C2PA Content Credentials provide a richer, cryptographically verifiable history when the file and its manifest remain intact.

The two systems answer different questions:

  • SynthID: Was supported Google AI involved in creating or editing this image?
  • C2PA: What does the signed record say about the image’s origin and modification history?

Neither technology stops misuse, proves that an image is truthful, or replaces human verification.

What they do provide is a practical way to make AI involvement and content history more transparent.

For developers, the priority is to preserve and verify provenance through the complete image pipeline.

For agencies and publishers, the priority is to disclose AI use honestly and avoid workflows that remove credentials without a reason.

For comparison with another AI image-editing system, read our Qwen Image Edit review.

For anyone publishing AI imagery in production, the biggest mistake is not that these signals exist. It is failing to understand what happens to them before the final image reaches the viewer.

Sachin Rathor | CEO At Beyond Labs

Sachin Rathor

Chirag Gupta | CTO At Beyond Labs

Chirag Gupta

You may also be interested in

Logo
Logo
Logo
Logo

Terms and Conditions

Privacy

Affiliate Disclaimer

Cookies Policy

Accessibility

Sitemap

About

Contact