What is SynthID and how does it work?

SynthID is Google DeepMind's AI watermarking technology. For text, it works by subtly biasing the probability distributions of token selection in the language model, embedding a statistical pattern into the output that is imperceptible to readers but detectable by a corresponding verification tool. The watermark persists through moderate editing of the text. SynthID was initially deployed for AI-generated images and audio, with text watermarking capabilities added in 2024.

Can AI watermarks be removed?

Statistical watermarks like SynthID can be degraded or partially removed through substantial text editing, translation through multiple languages or heavy paraphrasing. Cryptographic metadata watermarks (like C2PA) are more robust against content modification but depend on the metadata not being stripped from the file. No watermarking system is currently 100% tamper-proof. However, as watermarking technology matures and more AI systems adopt it, the bar for removing watermarks will rise.

When will AI watermarking be standard for text?

As of 2026, text watermarking is available in limited deployments (Google's Gemini, some enterprise API implementations) but is not yet standard across all major AI text generators. OpenAI has committed to implementing text watermarking but has not yet deployed it publicly. The EU AI Act, which came into full effect in 2025, mandates transparency for AI-generated content, which is accelerating watermarking adoption. Widespread standardisation is likely within the next 2–3 years.

AI Detection

AI Watermarking & SynthID: The Future of AI Content Detection

plagiarism-checker-online.net Editorial Team | March 24, 2026

The current approach to AI detection — identifying AI-generated content by analysing statistical patterns in language — has fundamental limitations. It produces false positives, it can be evaded by editing and it provides probability estimates rather than certainty. A fundamentally different approach is emerging: rather than trying to identify AI-generated content after the fact, watermarking embeds signals directly into AI outputs that can later be verified. This article explains the key technologies, where they stand in 2026 and what they mean for students, educators and the future of academic integrity.

Two Approaches to Watermarking AI Text

There are two conceptually distinct approaches to watermarking AI-generated text, each with different properties and limitations.

Statistical watermarking works by subtly manipulating the probability distributions that the language model uses to select each word or token. Instead of selecting purely the highest-probability word, the model introduces a systematic bias — certain tokens are slightly preferred over semantically equivalent alternatives when a hidden key condition is met. The resulting text is indistinguishable to a human reader, but a detector with knowledge of the key can identify the systematic pattern and verify that it was produced by the watermarked model.

Cryptographic metadata watermarking works differently: rather than embedding the signal in the content itself, this approach attaches verified metadata to the file or document, asserting its origin and provenance. The C2PA (Coalition for Content Provenance and Authenticity) standard is the primary example. Metadata records who created the content, when, and with what tools, and these claims are cryptographically signed so that tampering is detectable.

Both approaches have trade-offs. Statistical watermarks are embedded in the content itself and travel with it when the text is copied, but they can be degraded by editing. Cryptographic metadata is more robust against content modification but can be stripped by removing the metadata entirely.

Google SynthID: The Most Advanced Deployed System

Google DeepMind's SynthID is the most advanced publicly deployed AI watermarking system as of 2026. Initially launched for AI-generated images and audio, SynthID text watermarking capabilities were added in 2024 and are available through Google's Gemini API and certain enterprise deployments.

SynthID's text watermarking algorithm works by biasing token selection through a pseudorandom scoring function applied during text generation. The function assigns slightly elevated scores to a subset of tokens at each generation step, creating an imperceptible but detectable statistical pattern across the full document. The watermark persists through moderate editing — rearranging sentences, replacing some words — but degrades as the proportion of edited text increases.

Google has published the research paper describing SynthID's text watermarking methodology, allowing independent evaluation. Studies have found that the watermark is robust enough to survive typical levels of editing but can be largely removed by aggressive paraphrasing or machine translation through multiple languages. This is an area of active improvement.

One significant limitation is that SynthID only marks content generated through Google's own systems. It cannot detect whether content was generated by GPT-4, Claude or any other AI system that does not use SynthID. For SynthID to become a universal solution, either all major AI providers would need to adopt it or an equivalent technology, or a common standard would need to emerge.

The C2PA Standard: Cryptographic Provenance for All Content

The Coalition for Content Provenance and Authenticity (C2PA) is an industry initiative backed by Adobe, Microsoft, Google, OpenAI, Intel, the BBC and many others. Rather than a specific technical implementation, C2PA is a standard — a common format for attaching cryptographically signed provenance metadata to digital content.

Under the C2PA standard, any piece of content — an image, a video, a document, a piece of text — can carry a cryptographically signed "manifest" that asserts its origin. For AI-generated text, this would include information about which AI model generated the content, when and with what settings. The cryptographic signature means that the manifest cannot be forged without detection, and any tampering with the content after signing can be verified.

C2PA has achieved significant adoption in the image and video domain — Adobe's Photoshop and other tools now support C2PA metadata natively, and news agencies are beginning to require C2PA-certified images for publication. Text document support is more nascent but is being developed. The EU AI Act, discussed in our article on EU AI Act implications for students, creates regulatory pressure for exactly this kind of provenance standard in AI-generated content.

OpenAI's Watermarking Plans

OpenAI has publicly committed to implementing text watermarking for ChatGPT outputs but has not yet deployed a public implementation as of early 2026. Internal documents disclosed in a legal proceeding in 2024 indicated that OpenAI had developed a working text watermarking system but was concerned about competitive disadvantage if it deployed the feature unilaterally — users might simply switch to a competing model that does not watermark its outputs.

This points to a fundamental coordination problem in AI watermarking adoption. Watermarking is most useful when it is universal — when all major AI text generators embed verifiable signals in their outputs. A system where only some models watermark their outputs creates selection pressure for users who want to avoid detection to use the non-watermarking models. Solving this coordination problem requires either industry-wide agreement or regulatory mandate. The EU AI Act is moving toward the latter.

What AI Watermarking Means for Academic Integrity

If AI watermarking becomes widespread, it could transform academic integrity enforcement in several important ways.

Verified detection rather than probabilistic inference. Current detection tools give probability scores — this text is 78% likely to be AI-generated. A functional watermarking system would give binary verified answers — this text was definitively generated by Model X on Date Y. This eliminates the false positive problem for watermarked content: if a text does not carry a verifiable watermark, that is evidence it was not generated by a major AI system.

Attribution of specific AI sources. Watermarking can identify not just that content was AI-generated but which specific system generated it and when. This is useful for distinguishing between different types of AI use: a student who used Gemini to summarise a source is different from one who used ChatGPT to generate the entire paper.

Support for transparent disclosure frameworks. Universities that permit AI use with disclosure could verify that disclosures are accurate. A student who declares "I used Gemini to generate an initial outline" can have that claim verified if the outline content carries SynthID markers.

However, watermarking does not solve every problem. Editing and paraphrasing can degrade statistical watermarks. Users could generate content with non-watermarked models. And the technology still needs to mature and standardise before it can serve as reliable institutional infrastructure.

The Timeline for Standardisation

In 2026, AI watermarking for text is at an early-but-accelerating stage. Several factors suggest that widespread adoption will occur within the next three to five years:

The EU AI Act mandates transparency for AI-generated content, creating regulatory pressure for provenance mechanisms
Multiple technology providers are investing heavily in watermarking R&D
The C2PA standard provides a common technical framework that reduces the coordination problem
Major AI providers including Google, Microsoft and Meta have endorsed the principle of watermarking
High-profile misuse cases (deepfakes, disinformation) are increasing political will for content provenance solutions

For students, the practical takeaway is that AI detection is likely to become significantly more reliable in the coming years — not through improvement in pattern-matching tools, but through a structural shift toward verified provenance. The prudent approach remains the same regardless: use AI tools only in compliance with your institution's policy, disclose use transparently when permitted and produce work that genuinely reflects your own thinking and understanding.

Check Your Paper Before Submission

Use our professional plagiarism checker and AI detector — from €0.29/page, results in 15 minutes.

Start Check Now