News, news analysis, and commentary on the latest trends in cybersecurity technology.

Google's AI Watermarks Will Identify Deepfakes

The SynthID line of watermarking techniques can be used to identify images, video, and text generated by artificial intelligence.

2 Min Read
Source: Deemerwha Studio

Google made a number of AI-related announcements at the Google I/O developer conference this week, including stronger security measures in its artificial intelligence models to clamp down on the spread of misinformation via deepfakes and problematic outputs.

The company expanded its SynthID line of watermarking technologies to enable the insertion of invisible watermarks on AI-generated video and text. This way, documents can be traced back to their original sources. SynthID already applies watermarks to AI-generated images and audio.

"We are ... developing new tools to prevent the misuse of our models," said James Manyika, senior vice president at Google, at Google I/O.

Watermarking AI-generated content is gaining in importance as AI is increasingly being used to create various types of content. Deepfake video and audio have already been used to spread misinformation and for business email compromise.

Google also announced two new AI models at I/O — Veo, which generates realistic videos, and Imagen 3, which generates life-like images. The new watermarking techniques will be implemented in both models to easily identify fakes and prevent the spread of misinformation, Manyika said. For example, all videos generated by Veo on VideoFX will be watermarked by SynthID.

"We're doing a lot of research in this area, including the potential for harm and misuse," Manyika said.

With SynthID watermarking, the AI model attaches a watermark to generated output, which could be a block of text or an invisible statistical pattern. It then uses a scoring system to identify the uniqueness of that watermark pattern to see whether the text was AI-generated or came from another source. Google is open-sourcing SynthID text watermarking to other vendors.

"SynthID for text watermarking works best when a language model generates longer responses, and in diverse ways — like when it’s prompted to generate an essay, a theater script or variations on an email," Google wrote in a blog post.

At I/O the company also noted how it is protecting AI models with AI-assisted red-teaming techniques. AI agents are trained to compete with each other to improve and expand their red-team capabilities. The primary goal behind this adversarial technique is to reduce problematic outputs.

"We test our own models and try to break them by identifying weaknesses," Manyika said. "Building AI responsibility means both addressing the risks and maximizing the benefits of people and society."

About the Author(s)

Agam Shah, Contributing Writer

Agam Shah has covered enterprise IT for more than a decade. Outside of machine learning, hardware, and chips, he's also interested in martial arts and Russia.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights