Watermarking
Invisible. Persistent. Recoverable.
Original Pictures embeds an imperceptible watermark at the moment of signing. If the C2PA manifest is stripped, the watermark survives and we recover the provenance record from it.
Why watermarking matters: Metadata is easy to strip. A JPEG re-save removes EXIF. A screenshot removes everything. The watermark is embedded in the signal itself in pixel values, audio samples, or video frames and survives those transformations.
Supported modalities
| Modality | Engine | Readiness | Survivability |
|---|---|---|---|
| Image | Adobe TrustMark | Production | JPEG 50% quality, resize to 25%, crop 30%, format conversion |
| Audio | Meta AudioSeal | Public Beta | MP3 128kbps re-encode, 10dB noise, pitch shift ±2 semitones |
| Video | Meta VideoSeal | Private Beta (CPU) / Public Beta (GPU) | H.264 re-encode, 25% crop, 2x speed change |
| Text | Google SynthID-Text | Experimental | Generation-time hook only; no post-hoc embedding |
Quality impact
Watermarking changes the content slightly. For images: PSNR typically 42–47 dB, SSIM 0.995–0.999 (imperceptible). For audio: SNR impact below the threshold of human perception. Quality targets are enforced in CI a regression fails the build.
Payload format
The watermark encodes a 96-bit opaque identifier that maps to a manifest record in the Original Pictures soft-binding index. Not readable by humans. Not PII. The mapping from watermark ID to manifest is stored in Postgres and subject to GDPR erasure.
Honest about limitations
- — Extreme adversarial transformations (full image regeneration, very heavy compression) can degrade the watermark below recovery threshold.
- — Selective region removal if the watermarked region is entirely cropped out, the payload may be unrecoverable from that region.
- — We never claim "always detectable" or "100% accurate." We publish robustness benchmarks and gate them in CI.
Provenance that survives distribution.
Invisible watermarks included in every plan, every modality.