Skip to main content

Deepfake Detection & Forensic Image Analysis

Synthetic media is now good enough to fool the naked eye. A practical guide to C2PA provenance data, reverse-image forensics, watermark detection, and academic verification labs for UK newsrooms.

Last reviewed: Next review due:

Why forensic image analysis is now a core newsroom skill

Generative AI has made the production of convincing synthetic images, audio, and video cheap and widely accessible. For UK journalists, this changes the baseline assumption behind visual verification: an image or clip can no longer be treated as authentic simply because it looks unremarkable. Elections, breaking news events, and reputational stories about named individuals are all now routine targets for synthetic media, whether created to deceive, to satirise, or simply to generate engagement.

Forensic verification has moved from a specialist digital-verification-desk task to a skill every reporter handling visual material needs at least a working knowledge of. It combines technical tools — provenance standards like C2PA, watermark detection, reverse-image search — with the same journalistic instincts used for any unverified source: corroboration, provenance, and a willingness to say “not yet verified” rather than publish a guess.

No single tool proves authenticity or fabrication on its own. The discipline is in triangulating several independent signals and being transparent with readers about your level of confidence.

When this matters most

  • 1Breaking news footage circulating on social media before any mainstream outlet has verified its origin.
  • 2Images or audio purporting to show a UK politician or public figure saying or doing something damaging shortly before an election or vote.
  • 3User-generated content submitted to a newsroom by an anonymous source with no verifiable chain of custody.
  • 4Non-consensual intimate imagery or synthetic content targeting a private individual, which also raises Online Safety Act 2023 offence considerations.
  • 5Archival photographs or historic footage whose authenticity is disputed as part of a longer investigation.
  • 6AI-generated images used to illustrate a story, where the ethical question is disclosure rather than deception — see our AI-generated content ethics guide.

Core provenance standards and tools

A step-by-step verification workflow

1. Check for Content Credentials

Where the file or platform supports it, inspect for C2PA Content Credentials data, which can show editing history and whether AI generation tools were used in production. A broken or missing credential chain on a file that claims to be camera-original is a red flag; genuinely absent credentials are common and not proof of fakery on their own.

2. Run reverse-image searches

Use reverse-image search on stills (including extracted video frames) to check whether the same or similar imagery appears earlier, in a different context, or attributed to a different event or location. Recurring appearance of the same image across unrelated events is a strong indicator of recycled or miscaptioned, rather than freshly synthetic, content — a distinct but related verification failure.

3. Check for watermarks

Where the suspected generation tool is known or suspected (e.g. a specific image generator), run the corresponding detection tool such as SynthID’s verifier if applicable. Treat a negative result as inconclusive rather than as proof of authenticity, since watermarks can be stripped or degraded.

4. Examine metadata directly

Extract EXIF and file metadata where accessible. Inconsistencies between claimed capture device, timestamp, and geolocation data and the content of the image are useful corroborating signals, though metadata can be edited or stripped entirely.

5. Cross-reference eyewitnesses and known facts

Check the depicted scene against known geography, weather records, shadow angles, and any independently confirmed facts about the event. Geolocation and chronolocation techniques (used widely in OSINT investigations) remain some of the most reliable verification methods for real-world footage.

6. Refer to an academic or specialist lab where stakes are high

For high-stakes stories (election-adjacent content, allegations against named individuals, ongoing legal proceedings), consider sending the file for a second opinion to an academic media forensics lab or a specialist verification organisation before publication.

Red flags in suspect media

  • Inconsistent lighting, shadows, or reflections that do not match the claimed time and location of capture.
  • Audio and lip movement that fall out of sync, or unnaturally smooth/absent blinking in video of a speaking subject.
  • Backgrounds that warp, blur, or distort inconsistently as the subject moves.
  • Metadata showing an editing timestamp inconsistent with the claimed original capture date.
  • Content Credentials showing an AI generation or editing tool in the provenance chain, where the source claims the media is an unedited photograph or recording.
  • A source who is unwilling to share the original file, only a re-shared or heavily compressed copy, and resists any request for the original.
  • Content that surfaces first on an anonymous or low-credibility account with no earlier verifiable appearance.

Pre-publication verification checklist

  • I have checked for C2PA Content Credentials data and recorded whether a provenance chain is present, broken, or absent.
  • I have run a reverse-image search on stills and any extracted frames.
  • I have checked applicable watermark detection tools where a specific generation tool is suspected.
  • I have examined available file metadata and noted any inconsistencies.
  • I have obtained the original file from the source, not a re-shared or re-compressed copy, wherever possible.
  • I have cross-referenced the depicted scene against known geography, weather, and any independently confirmed facts.
  • I have consulted an academic forensics lab or specialist verification body if the story stakes justify it.
  • I have decided what confidence level I can honestly state to readers, and I have written the story to reflect it accurately.

Common mistakes

  • Treating the absence of Content Credentials or a watermark as proof that an image is authentic — absence of a signal is inconclusive, not confirmation.
  • Relying solely on visual inspection when the most capable generation tools no longer produce obvious visual tells.
  • Publishing unverified footage with a hedge word like "apparently" instead of either verifying it or declining to publish.
  • Failing to preserve the original file and a timestamped record of your verification steps.
  • Not seeking a second opinion from a specialist lab on a high-stakes story where the newsroom lacks in-house forensic expertise.
  • Confusing a miscaptioned but genuine image (real content, wrong context) with a synthetic one — the corrective action differs for each.

Jargon glossary

C2PA
Coalition for Content Provenance and Authenticity — the industry body behind the Content Credentials standard.
Content Credentials
Cryptographically signed metadata attached to a media file recording its creation and editing history.
SynthID
Google DeepMind’s watermarking technology for identifying AI-generated content.
Chronolocation
Determining when footage was captured using shadows, weather, or other time-dependent visual clues.
Geolocation
Determining where footage was captured using landmarks, signage, and geographic features.
EXIF data
Metadata embedded in image files recording camera settings, timestamp, and sometimes GPS location.
Provenance chain
The recorded sequence of creation and editing steps a file has gone through, as tracked by standards like C2PA.
Synthetic media
Any image, audio, or video generated or substantially altered by AI, including but not limited to deepfakes.

Tools for verification investigations

Use our Investigation Risk Register to track your verification steps and evidence trail for high-stakes synthetic media stories.

Frequently asked questions

What is C2PA and Content Credentials?
The Coalition for Content Provenance and Authenticity (C2PA) is an industry standards body — its members include the BBC, Adobe, Microsoft, and camera manufacturers — that has developed a technical standard for attaching cryptographically signed provenance data to media files. Content Credentials, the resulting metadata, can show how, when, and with what tools (including whether AI was involved) an image or video was created and edited. Not all images carry Content Credentials, and the absence of credentials does not itself prove an image is fake — but their presence, and any breaks in the credential chain, are a valuable forensic signal.
What is SynthID and how reliable is it?
SynthID is a watermarking technology developed by Google DeepMind that embeds an imperceptible digital watermark into AI-generated images, audio, and text, detectable with a corresponding tool even after some editing. It is one of several watermarking approaches (alongside C2PA-based signing) intended to make synthetic media identifiable. No watermarking approach is fully robust against a determined bad actor willing to strip metadata or heavily reprocess a file, so watermark absence should be treated as inconclusive rather than as proof of authenticity.
Can I detect a deepfake by eye?
Some deepfakes still show visual tells — inconsistent lighting or shadows, unnatural blinking patterns, warped backgrounds near the face, or mismatched audio-lip synchronisation — but the most capable current generation models have largely eliminated these obvious flaws. Visual inspection alone is no longer a reliable method for high-quality synthetic media and should be treated as a first-pass filter, not a conclusion. Cross-referencing metadata, provenance data, and reverse-image search results is essential.
What should I do if I suspect a piece of media is synthetic but cannot prove it?
Do not publish a definitive claim you cannot support. Document everything you have found — reverse-image search results, metadata inconsistencies, any C2PA data or its absence — and consider referring the file to an academic forensics lab or a specialist verification organisation such as the Content Authenticity Initiative or a university media forensics group for a second opinion. If your deadline does not allow for this, report what you can factually establish (e.g. "this footage cannot currently be verified as authentic") rather than asserting it is or is not a deepfake.
Does the NUJ or IPSO have specific guidance on verifying synthetic media?
The NUJ's guidance on digital verification covers standard practice for treating unverified user-generated content and synthetic media with the same scepticism as any unconfirmed source, and stresses labelling anything that cannot be independently verified. IPSO's Editors' Code does not name deepfakes specifically but Clause 1 (Accuracy) applies in full: publishing manipulated or synthetic media as authentic, without adequate verification, is a straightforward accuracy breach regardless of the technology used to create it.