It’s surprisingly easy to remove Google’s digital AI watermark on the Pixel 10
The new Google Pixel 10 series, much like the Samsung Galaxy S25, is stepping up its game in the fight against misinformation with C2PA metadata. This basically adds a digital watermark to photos, tracing their origins and any edits made along the way. It's Google's way of helping us figure out what's real and what's not in the increasingly confusing world of online images.
When I got my hands on the Pixel 10 Pro, I immediately started wondering: how secure is this system? Can I actually remove or alter this data? So, I rolled up my sleeves and started digging. What I found was both a bit scary and a little reassuring.
The Good and the Not-So-Good
For this to work, apps and websites need to be updated to support this C2PA metadata. On the Pixel 10, both the Camera app and Google Photos are on board. They can add and read the information about where a photo came from and what's been done to it. However, older photos from my Pixel 9 and earlier don't have this data, even when viewed on the Pixel 10. The watermark just wasn't there to begin with. However, if I tweak those older photos using the Pixel 10, they'll get tagged as altered.
For example, a brand-new photo taken with the Pixel 10 will show a tag saying, "Media captured with a camera" in Google Photos. For panoramas, it even specifies, "Media captured with a camera, multiple images were combined." That's a good sign that the photo is likely authentic.
However, if it's a portrait or long exposure, where there's just simple adjustments, you'll see an "Edited with non-AI tools" mention. This also pops up if I use Google Photos for basic edits like cropping or adjusting brightness. But if I use the Magic Editor to erase or move something, thus altering reality, Google adds an "Edited with AI tools" tag. Even the zoom feature is flagged because it's powered by AI.
Interestingly, I noticed that Pixel Studio doesn't embed this data correctly. It uses an older system and displays an "AI info" box that can be easily changed. C2PA, on the other hand, is encrypted and more secure. Other websites that support C2PA will also show this information, though the wording might be slightly different.
Breaking the System?
My initial attempts to mess with the metadata were pretty clumsy. I used a tool called exiftool to just wipe out everything. While this did remove all the C2PA metadata, it also erased other important information like the date, time, and camera settings. This makes it pretty obvious that something's been tampered with.
Then, I tried to delete specific parts of the C2PA data. But with so much metadata to sort through, it felt like searching for a needle in a haystack. Luckily, I found that C2PA metadata is stored in a specific part of the image file called the JUMBF segment. Using exiftool, I could erase all JUMBF data while keeping the rest of the EXIF data intact.
With a simple command, I could remove the "Edited with AI tools" tag from a photo while leaving the date, time, and camera information untouched. The photo no longer had any embedded proof that it had been altered by AI.
If you're tech-savvy, though, there's a telltale sign. If a photo from a Pixel 10 is missing the "Captured with a camera" tag, it should raise a red flag. Either someone faked the phone information or erased the C2PA metadata to hide any AI manipulation.
Can You Fake It?
My next goal was to see if I could fake the C2PA data. Could I make an AI-edited image look like it came straight from the camera? Unfortunately, my attempts failed.
I tried swapping C2PA metadata between two images. It was easy enough to do, but Google Photos immediately flagged the result as "media information missing, modified, or unrecognized." It turns out that C2PA metadata isn't just a list of tags. It has a built-in security check that acts like a digital fingerprint. Any mismatch invalidates the record.
So, while it's difficult to fake the C2PA credentials, it's concerning how easy it is to remove the AI signature altogether. If you see a photo from a Pixel 10 that looks suspicious and has no C2PA marker, it's likely been scrubbed clean.
Source: AndroidAuthority