6 Jul 2026

Every image generated by Nano Banana 2 leaves the model with two invisible provenance signals: Google’s SynthID pixel watermark and a C2PA Content Credentials manifest.
Neither is normally visible when someone looks at the image. However, both can be detected using compatible verification tools.
The important difference is where they live:
Because of this distinction, SynthID can survive many common image edits, while C2PA metadata may disappear when an image is processed by an incompatible platform or application.
If you publish AI-generated images in real estate listings, advertising campaigns, news articles, stock libraries, or client projects, you need to understand what these systems record, who can inspect them, and what happens when an image is edited.
New to the model itself? Start with our complete guide to Nano Banana. For practical visual workflows, explore our Nano Banana interior design guide.
SynthID and C2PA serve different but complementary purposes.
| Technology | What It Does | Where It Lives | Main Advantage |
|---|---|---|---|
| SynthID | Identifies content generated or edited by supported Google AI models | Inside the image pixels | Can survive common edits and metadata removal |
| C2PA | Records the origin and modification history of a media file | Inside signed file metadata | Provides detailed, machine-readable provenance |
| Combined Approach | Helps verify both AI origin and content history | Pixels and file metadata | Creates a layered provenance system |
Here is the essential summary:
SynthID is Google DeepMind’s invisible watermarking technology for AI-generated images, video, audio, and text.
For images, SynthID modifies pixel values during generation using tiny, structured changes. These changes are designed to remain imperceptible to viewers while still being detectable by Google’s verification systems.
For Nano Banana 2 specifically, Google states that generated images include SynthID so that they can later be identified as AI-generated.
For a more introductory explanation, read our guide to visible and invisible SynthID watermarks.
Traditional metadata can be removed simply by downloading, re-saving, screenshotting, or uploading an image to another platform.
SynthID is different because it is incorporated into the visual data of the image itself. Removing the file metadata does not automatically remove the watermark.
Google says SynthID is designed to remain detectable after transformations such as:
Google has demonstrated that SynthID can remain detectable after filters, colour changes, and lossy compression. However, no watermark should be treated as completely indestructible.
SynthID detection can become less reliable when an image is heavily altered.
Potential failure cases include:
The result is not always a simple yes-or-no answer. Detection systems may return an uncertain result when the watermark has been weakened or when only part of an image contains AI-generated content.
C2PA stands for the Coalition for Content Provenance and Authenticity.
It is an open technical standard that allows creators, publishers, software providers, camera manufacturers, and platforms to attach verifiable provenance information to digital media.
The user-facing implementation of the C2PA standard is commonly called Content Credentials.
Unlike SynthID, C2PA is not a pixel watermark. It is a structured and cryptographically signed set of records associated with the media file.
You can read the complete technical documentation in the official C2PA specification. For a simpler introduction, the C2PA FAQ explains how Content Credentials record the origin and history of media.
Depending on the generating tool and implementation, a C2PA manifest can include:
| Manifest Field | What It Tells You |
|---|---|
| Generator | The application, model, device, or service that created the content |
| Creation Time | When the content or credential was created |
| Actions | Edits, transformations, exports, or other operations |
| Ingredients | Other assets used to produce the final image |
| Software Information | The application or service involved in processing |
| Cryptographic Signature | Evidence that the credential has not been modified |
| Certificate Information | The organisation or entity that signed the credential |
C2PA assertions can cover creation details, editing actions, capture-device information, content bindings, and other provenance signals. These assertions are wrapped into a digitally signed claim.
When a compatible tool reads Content Credentials, it performs several checks:
A valid C2PA credential does not automatically prove that everything shown in an image is true. It proves that the signed provenance record has not been altered since it was issued.
SynthID and C2PA should not be treated as competing technologies. They solve different parts of the provenance problem.
| Property | SynthID | C2PA Content Credentials |
|---|---|---|
| Location | Embedded in image pixels | Attached as signed file data or metadata |
| Visibility | Invisible during normal viewing | Invisible until inspected |
| Main Purpose | Detect whether supported Google AI was involved | Record origin, tools, and modification history |
| Survives Metadata Removal | Yes | Usually no |
| Survives Screenshotting | Often, depending on image quality | No, unless credentials are separately preserved |
| Survives Cropping | Can survive moderate cropping | Depends on how the edited file is exported |
| Survives Compression | Designed to survive common compression | May survive only when the processing tool preserves it |
| Verification | Requires a compatible SynthID verification system | Can be verified by C2PA-compatible tools |
| Tampering Behaviour | Detection confidence may weaken | Cryptographic validation may fail |
| Best Question Answered | “Was Google AI involved?” | “Where did this file come from, and how was it changed?” |
The systems are complementary by design.
SynthID can continue providing a signal after metadata is removed. C2PA provides much richer information when the credential remains attached and valid.
Together, they offer a layered approach:
Google provides SynthID verification through supported Google experiences.
In the Gemini app, signed-in users can upload supported media and use the verification feature to check whether all or part of the content was generated or edited by Google AI.
The precise interface may vary by device or account, but the general process is:
A detected SynthID watermark means that all or part of the image was generated or edited using a supported Google AI system.
A negative result does not prove that the image is human-made. It may have been created by another AI provider, heavily modified, or processed in a way that weakened the watermark.
Google also offers watermark-generation and verification capabilities across parts of its cloud and enterprise AI ecosystem.
For example, Vertex AI documentation describes generating watermarked images and verifying supported watermarks. Google has also expanded enterprise tools for detecting and analysing AI-generated media.
Because watermark detection can become easier to attack when every technical detail is exposed, SynthID is not implemented as a completely open detection standard.
Because C2PA is an open standard, developers can inspect compatible credentials using open-source tools and SDKs.
One widely used command-line utility is c2patool.
brew install c2patool
cargo install c2patool
Run the following command:
c2patool nano-banana-output.png
If the image contains a readable credential, the output can include details such as:
The C2PA ecosystem also provides SDKs for programmatic workflows.
A simplified Python example may look like this:
from c2pa import Reader
with open("nano-banana-output.png", "rb") as image_file:
reader = Reader.from_stream("image/png", image_file)
manifest = reader.json()
print(manifest)
The precise API may vary by SDK version, so check the current C2PA SDK documentation before using the example in production.
A platform can use C2PA verification during image ingestion or deployment.
A basic workflow could:
For media organisations, marketplaces, and enterprise content systems, this can form part of an editorial or compliance review process.
The biggest practical limitation of C2PA is not the standard itself. It is the number of image-processing pipelines that remove metadata or generate a completely new output file.
A Content Credentials manifest may disappear when an image is processed through:
SynthID may continue to survive because it is embedded in the image pixels. The C2PA credential may not.
Research and real-world testing have shown that social-media processing can remove C2PA credentials even when the original image contained them.
Use software that supports Content Credentials and can append editing actions instead of silently removing the manifest.
Adobe tools such as Photoshop and Lightroom support Content Credentials workflows. Before exporting, confirm that the relevant Content Credentials settings are enabled.
Do not assume that your CDN or image optimiser preserves credentials.
Test every transformation used by your website:
Download the transformed output and verify it using c2patool or another compatible verifier.
If your platform modifies uploaded content, consider creating a new credential that records the platform’s transformation.
Instead of breaking the provenance chain, your system can:
For platforms publishing AI-generated content at scale, this is usually a more reliable architecture than stripping all provenance data and publishing an untraceable derivative.
Google has stated that Nano Banana 2 combines SynthID and C2PA Content Credentials to improve image transparency. Its enterprise materials also describe coupling SynthID with interoperable C2PA credentials.
Google Cloud additionally states that C2PA credentials and invisible SynthID watermarks are enabled by default for newer supported image models and enterprise offerings.
However, developers should still test the exact surface and file format they use.
Outputs can behave differently depending on:
For implementation guidance, see our Nano Banana API tutorials and guides. You can also compare multi-model platforms in our Freepik AI review.
Do not only verify the original API response.
Verify the file after it has passed through your entire pipeline:
Model output
↓
Application processing
↓
Image optimisation
↓
CDN transformation
↓
CMS upload
↓
Final downloaded asset
The final public asset is the file that matters
SynthID and C2PA are provenance technologies, not copyright licences.
Their presence does not automatically prevent commercial use. Instead, they make the image’s AI origin or processing history easier to verify.
Commercial rights still depend on factors such as:
If you deliver AI-generated images to clients, provenance information can affect:
Claiming that an AI-generated image is original photography can create reputational or contractual risk when its origin can later be detected.
A better approach is to disclose the use of generative AI clearly in your agreement and deliverables.
Editorial organisations may use C2PA-aware systems to evaluate where an image originated and whether it was modified.
A valid credential can help a newsroom understand:
However, C2PA should be treated as one trust signal rather than unquestionable proof that the depicted event is true.
Stock platforms may label, restrict, or reject AI-generated submissions based on their individual policies.
Before uploading Nano Banana images, review the platform’s current requirements regarding:
Do not remove provenance information solely to avoid a platform’s AI-content rules.
AI-generated staging can help buyers understand how an empty or unfinished space might look after furnishing.
However, AI staging can also become misleading if structural details, views, room dimensions, or permanent features are changed.
Some listing organisations and local markets require virtual staging to be disclosed. In these situations, provenance signals can support the disclosure process.
For practical examples, explore our Nano Banana interior design guide.
Advertisers increasingly need to document how campaign assets were created, especially when an image depicts:
C2PA credentials can serve as part of an internal compliance record, while SynthID can help demonstrate that supported Google AI tools were involved.
The precise disclosure requirement depends on the country, platform, campaign type, and content.
Neither technology is perfect.
Like other watermarking systems, SynthID exists in an ongoing technical contest between watermark creation and watermark removal.
Its reliability may decrease after:
SynthID should therefore be viewed as a durable signal rather than an unbreakable lock.
C2PA credentials may disappear during ordinary publishing workflows.
This means an image without Content Credentials is not automatically suspicious. The metadata may have been removed by a website, app, CDN, or export tool.
Absence of a credential is not proof of manipulation.
A valid credential can tell you where a file came from and which recorded actions were applied.
It cannot independently prove that:
Provenance should be combined with editorial review, source verification, reverse-image search, and contextual investigation.
SynthID may indicate that supported Google AI generated or edited an image.
C2PA may identify the application, model, device, or service involved.
Neither system necessarily reveals the personal identity of the user who entered the prompt. This protects user privacy, but it means the systems primarily answer:
“Was AI involved, and what processing history was recorded?”
They do not always answer:
“Which individual created this image?”
For a related discussion about how models preserve a subject across multiple generations, read our guide to Nano Banana character consistency.
The broader direction is toward more visible and accessible provenance information.
Google has expanded support for SynthID and C2PA verification across its products and has described plans to make AI-image information easier to inspect in Search, Chrome, Gemini, and other user experiences.
The C2PA ecosystem also includes software companies, publishers, camera manufacturers, technology platforms, and creative-tool providers.
As adoption grows, users may increasingly see:
This will make provenance a visible part of normal publishing rather than a specialist feature hidden inside metadata tools.
Developers do not need an overly complicated provenance strategy. They need a consistent one.
| Priority | Recommended Action | Reason |
|---|---|---|
| 1 | Audit every image-processing step | Prevent accidental credential removal |
| 2 | Verify credentials during ingestion | Identify provenance before processing |
| 3 | Store verification results | Preserve evidence even if later formats change |
| 4 | Re-sign transformed outputs | Maintain a traceable content history |
| 5 | Display provenance where useful | Improve transparency for users |
| 6 | Keep original assets | Allow future re-verification |
| 7 | Document failure cases | Avoid treating missing metadata as proof of fraud |
A platform accepting AI-generated submissions could use the following process:
Receive original file
↓
Check for C2PA credentials
↓
Run available AI-watermark verification
↓
Store original file and validation result
↓
Apply required image transformations
↓
Create or update output credentials
↓
Publish with a provenance indicator
Watermark and provenance checks should not automatically decide whether content is acceptable.
An AI-generated image may be legitimate, while a camera-generated image may still be deceptive.
Verification should inform moderation rather than replace it.
Agencies using Nano Banana for commercial projects should make AI disclosure part of their normal workflow.
State whether generative AI may be used for:
This avoids surprises when a client or platform later detects provenance signals.
Keep:
These records may be useful when a client, marketplace, or publisher asks how the content was produced.
Do not assume that an optimised image still contains its original credentials.
Verify the actual file being sent to the client after:
For many clients, transparent provenance is not a disadvantage.
It can provide evidence that:
Nano Banana 2’s use of SynthID and C2PA represents a layered approach to AI-image provenance.
SynthID is embedded in the pixels and is designed to survive common transformations. C2PA Content Credentials provide a richer, cryptographically verifiable history when the file and its manifest remain intact.
The two systems answer different questions:
Neither technology stops misuse, proves that an image is truthful, or replaces human verification.
What they do provide is a practical way to make AI involvement and content history more transparent.
For developers, the priority is to preserve and verify provenance through the complete image pipeline.
For agencies and publishers, the priority is to disclose AI use honestly and avoid workflows that remove credentials without a reason.
For comparison with another AI image-editing system, read our Qwen Image Edit review.
For anyone publishing AI imagery in production, the biggest mistake is not that these signals exist. It is failing to understand what happens to them before the final image reaches the viewer.