SynthID-Image: Image watermarking at internet scale

We introduce SynthID-Image, a deep learning-based system for invisibly watermarking AI-generated imagery. This paper documents the technical desiderata, threat models, and practical challenges of deploying such a system at internet scale, addressing key requirements of effectiveness, fidelity, robustness, and security. SynthID-Image has been used to watermark over ten billion images and video frames across Google's services and its corresponding verification service is available to trusted testers. For completeness, we present an experimental evaluation of an external model variant, SynthID-O, which is available through partnerships. We benchmark SynthID-O against other post-hoc watermarking methods from the literature, demonstrating state-of-the-art performance in both visual quality and robustness to common image perturbations. While this work centers on visual media, the conclusions on deployment, constraints, and threat modeling generalize to other modalities, including audio. This paper provides a comprehensive documentation for the large-scale deployment of deep learning-based media provenance systems.

Key Contributions

• Deep learning-based invisible image watermarking system (SynthID-Image) deployed at internet scale across Google services, watermarking over 10 billion images and video frames
• Comprehensive threat modeling and security analysis for large-scale media provenance systems, covering effectiveness, fidelity, robustness, and adversarial attacks on watermarks
• Benchmarking of SynthID-O against post-hoc watermarking methods, demonstrating state-of-the-art visual quality and robustness to common image perturbations

🛡️ Threat Analysis

Details

Similar Papers