How to Spot an AI-Generated Image: A 2026 Checklist

A convincing fake photo can now reach a million WhatsApp screens before anyone checks whether it is real. If you want to spot an AI-generated image in 2026, the old advice — count the fingers, look for melted ears — is no longer enough. Today's image models render hands, jewellery and even readable text well enough to fool a quick glance. The reliable skill is not having a sharper eye; it is following a short, repeatable verification routine that mixes what you can see with what the file itself can tell you.

This matters more than ever in India, where forwarded images drive political rumours, communal tension, fake celebrity endorsements and investment scams. From 20 February 2026, India's amended IT rules require large platforms to label synthetic media — but labels can be missing or stripped, so the responsibility to verify still lands on you.

Why Your Eyes Alone Will Fail You

Early AI images had obvious tells: six-fingered hands, garbled signboards, lopsided spectacles, backgrounds that dissolved into smears. Newer models have largely closed those gaps, which means the most-shared 'how to detect AI' tips are already outdated.

That said, visual scanning is still a useful first filter. The trick is to stop hunting for one smoking gun and instead look for clusters of small wrongness:

• Texture that is too clean — poreless skin, plastic-smooth hair, suspiciously even lighting with no harsh shadows.
• Physics that doesn't add up — reflections that don't match, shadows falling in two directions, jewellery or teeth that blur on a zoom.
• Background nonsense — repeated faces in a crowd, warped architecture, text on shop boards that looks like letters but spells nothing.
• Context mismatch — the 'event' has no other photos, no credible outlet, and only one viral version exists.

If two or three of these stack up, raise your suspicion — but treat it as a reason to verify, not a verdict.

Check the Receipt: Content Credentials and C2PA

The biggest shift in 2026 is that many images now carry a tamper-evident 'receipt' of how they were made. This is the C2PA standard — backed by Adobe, Microsoft, Google and others — which embeds signed metadata called Content Credentials into a file.

This manifest can record where an image came from, what software touched it, what edits were made, and crucially whether it was AI-generated or AI-edited. Tools that follow the standard tag content with machine-readable labels — for example marking an image as fully synthetic versus a real photo with AI touch-ups.

To read these credentials:

1. Look for a small 'CR' provenance icon that some apps and sites now show on images.
2. If there's no icon, upload the file to a free C2PA verifier or Content Credentials inspector and read the manifest.
3. Note what it says about origin, edits and AI use — and the date.

The catch is important: a present, valid credential is strong evidence, but an absent credential proves nothing. Metadata gets stripped the moment an image is screenshotted, re-saved or passed through some chat apps. So credentials are great when they exist and silent when they don't.

Hidden Watermarks: SynthID and Friends

Provenance metadata sits on the outside of a file. Invisible watermarks go a layer deeper, hiding a signal inside the pixels themselves so it survives some cropping, compression and re-saving.

Google DeepMind's SynthID is the best-known example, embedded in images produced by Google's own AI tools and detectable with its checker. Several other major AI providers are rolling out similar in-pixel or metadata signals, partly to comply with new disclosure laws worldwide.

For a normal reader, you usually can't extract these yourself today — support is fragmented across vendor-specific tools. But it's worth knowing that the infrastructure is shifting from 'guess from pixels' to 'read a built-in signal'. Over time, expect platforms to surface a simple 'made with AI' flag automatically. Until then, treat watermark checks as a bonus, not a routine step.

The Step That Beats Everything: Reverse Image Search

If you do only one thing, do this. A reverse image search answers the single most useful question: where and when did this image first appear?

It routinely exposes fakes by revealing that:

• The 'breaking news' photo is years old and from a different country.
• The image is a known stock or movie still, recoloured and recaptioned.
• The only place it exists is the viral forward itself — a red flag for fabrication.

Upload the image (or a cropped section of the key subject) to a reverse-search engine, then sort by oldest results. Cross-check against established news outlets. If a dramatic image is real, multiple credible sources will usually carry it, from different angles, with named photographers. A lone, source-less viral image is the classic signature of both AI fakes and recycled old photos.

Online AI Detectors: Use With Heavy Caution

You'll find dozens of websites promising to tell you if an image is AI-made. They can help, but understand what they actually give you: a probability score, not proof.

These detectors are trained on certain models and can be wrong in both directions — flagging a real photo as fake (a false positive) or missing a clever fake. Heavy compression, screenshots, filters and re-editing all degrade their accuracy. A real photo of a flawless studio portrait can score 'likely AI' simply because it looks too clean.

The sensible rule: never act on a single detector. If you must use one, run the image through two or three different tools and weigh the result alongside provenance and reverse search. Treat any score between roughly 'maybe' and 'maybe not' as inconclusive.

Your 4-Step Verification Workflow

Put it together into a routine you can run in under two minutes before believing or forwarding anything:

1. Pause and scan. Look for clusters of visual wrongness and ask whether the image even makes sense in context.
2. Check the receipt. Look for a CR icon or run the file through a Content Credentials / C2PA verifier.
3. Trace the origin. Reverse image search, sort by oldest, and confirm whether credible outlets carry it.
4. Sanity-test, don't trust blindly. If you use AI detectors, use more than one — and let provenance and origin override a shaky score.

No single check is foolproof, which is exactly why you stack them. A fake might survive one test; it rarely survives all four.

What Comes Next

The arms race won't end. As detection improves, generation improves, and watermarks can be attacked or removed. The durable defence is a mindset shift: stop asking 'does this look real?' and start asking 'can I verify where this came from?'

Expect provenance to quietly become the default — phones, cameras and editing apps signing images at creation, platforms displaying an automatic origin label, and India's labelling rules pushing big services to disclose synthetic media. Until that future fully arrives, the most valuable thing you can build is the habit: verify before you believe, and verify before you forward.