Skip to content
AI & Insurance · May 21, 2026 · 10 min read

What OpenAI and Google announced this week won't stop insurance fraud. What will?

Two free AI detectors, two homemade fake receipts, two outcomes that show what a fraud department really needs to build in the coming months.

Illustration for article: What OpenAI and Google announced this week won't stop insurance fraud. What will?
OpenAI Verify — bonnetje gemaakt met Gemini Nano Banana 2, getest op 20 mei 2026.

TL;DR

  • OpenAI joined C2PA and SynthID on May 19, 2026. Every image from ChatGPT, Codex or the OpenAI API now gets a machine-readable provenance label and an invisible pixel watermark.
  • My tests with two homemade fake receipts show the tools fail. Neither OpenAI's verification tool nor Gemini 3.1 Pro detected the SynthID watermark in an image from Google's own Gemini Nano Banana 2.
  • The announcement adds a light detection layer, not a guarantee. A fraudster generating via Gemini and submitting via WhatsApp passes through both free tools undetected.
  • The heavier layers remain indispensable: metadata analysis, context checks on addresses and article numbers, visual AI analysis, and heightened proof requirements — they worked before May 19th and they work after.

Yesterday I wanted to know whether two free AI detectors could tell that my receipts were fake. One from OpenAI, one from Google. Both receipts I had made myself for an earlier blog — one by Codex on May 3 and one by Gemini Nano Banana 2 in April.

OpenAI's tool immediately recognised the Codex receipt as AI-generated. The Gemini receipt got a red cross with a message that no signals had been found. Technically accurate, except Google's own invisible watermark should have been in it according to the May 19 announcement.

What did OpenAI and Google announce on May 19, 2026?

OpenAI joined two standards for recognising AI-generated images: C2PA (opent in nieuw venster) (machine-readable provenance metadata) and SynthID (opent in nieuw venster) (an invisible pixel watermark from Google DeepMind). Every image that ChatGPT, Codex or the OpenAI API produces from now on gets these two signals embedded. At the same time, OpenAI launched a public verification tool at openai.com/verify (opent in nieuw venster).

Adobe, Microsoft, Sony, Canon, Nikon, BBC, NYT and Reuters were already in C2PA. SynthID is from Google DeepMind. According to DeepMind's own figures (opent in nieuw venster), Google has now watermarked more than 100 billion images, videos and audio fragments with SynthID. The official OpenAI announcement (opent in nieuw venster) also names Kakao and ElevenLabs as new participants.

SynthID detection is possible in two ways. Via the SynthID Detector portal, currently on a waitlist for journalists and researchers. Or via Gemini itself: upload an image in the chat and ask whether it contains a SynthID watermark. No waitlist, no subscription, no technical barrier.

For a fraud department this sounds like exactly what you need. Until you try it.

What happened when I tested the tools on AI-generated receipts?

OpenAI's verification tool recognised my Codex receipt as AI-generated, but gave the Gemini receipt a red cross with "no OpenAI signals detected". Then I tested that same Gemini receipt in Gemini 3.1 Pro with the prompt "Does this image contain a SynthID watermark?" Answer: no watermark detected. Google's own detector couldn't find Google's own generator's watermark.

My two receipts come from a test I described on May 3 (see my earlier blog about ChatGPT and Codex). One made by Codex on May 3. A messy receipt from a fictional Gamma store with a VAT amount that didn't add up. The second receipt I had made in April by Gemini Nano Banana 2. That was better. A neatly formatted receipt from Gamma Amsterdam Zuid, Parnassusweg 250, with VAT breakdown, transaction number, terminal ID and a barcode at the bottom. Good enough to pass as real if you don't look carefully.

First the OpenAI tool. I uploaded the Codex receipt. Green checkmark. Generated with OpenAI tools. Correct, because it was Codex.

Screenshot of OpenAI Verify with green checkmark: the Codex receipt is recognised as generated with OpenAI tools

Then the Gemini receipt. Red cross. No OpenAI signals detected. Literally accurate too, because OpenAI didn't make it. But the tool claims to look at both C2PA metadata and SynthID watermarks. A Gemini image should carry a SynthID watermark according to Google's own marketing. The OpenAI tool doesn't see it, or doesn't report it.

Screenshot of OpenAI Verify with red cross: the Gemini Nano Banana 2 receipt gets 'No OpenAI signals detected'

Then I went to Gemini. Version 3.1 Pro, the heaviest public model they have. I uploaded the Gemini receipt and asked the most direct prompt I could think of: Does this image contain a SynthID watermark? Was it generated with AI?

The answer:

The analysis did not detect a SynthID watermark, indicating the image was not created using Google AI. It is not possible to definitively determine through secure records whether it was generated by other AI tools.

That's the first conclusion. But then comes the interesting part. In the same response Gemini says: However, a visual inspection reveals details that warrant skepticism. For instance, the address "Parnassusweg 250" is the location of the Amsterdam courthouse, not a Gamma hardware store, and the term "Boutnernum" is not standard Dutch for a receipt number.

Read that again. The model doesn't recognise its own invisible watermark. But it does recognise that the given address is the Amsterdam courthouse. The tech layer fails and the reasoning layer scores. In one answer. By the same tool.

Screenshot of Gemini 3.1 Pro: no SynthID watermark detected, but the observation that Parnassusweg 250 is the Amsterdam courthouse

What does this say about the May 19 announcement?

The announcement promises that C2PA and SynthID form a joint layer of AI detection. My tests show that promise isn't being delivered in practice. An image from Google's own generator is detected by neither OpenAI's tool nor Google's Gemini as watermarked. For a fraud department this means that a forged damage photo generated via Gemini can pass through both free detectors as if it were a real photo.

There are two possible explanations for this outcome, and neither is good news for anyone who took the press release seriously.

The first explanation is that Gemini Nano Banana 2 in April didn't put a SynthID watermark on its output, despite Google's claim that all Gemini image output is watermarked. That would mean the figure of 100 billion watermarked files depends on exactly which application and model you use, with gaps that don't appear in the marketing.

The second explanation is that the watermark was in the original but was lost between when I created the receipt and when I uploaded it yesterday. One screenshot, one compression, one conversion somewhere along the way. Unlikely, because SynthID is specifically designed according to DeepMind to survive such transformations. But possible.

For a fraud department it doesn't matter which explanation is correct. The result is the same. A forged damage photo made by Gemini that arrives via WhatsApp or the claims app passes through the free detectors as if it's a real photo.

Why does a new verification technology never permanently work against fraud?

A new verification technology never permanently works against fraud because fraudsters adapt once the technology becomes standard. 3DSecure shifted credit card fraud to phishing for the extra code. IBAN-name verification reduced payment request fraud in some scenarios and did nothing in others. Biometric verification was supposed to stop identity fraud — got a new name: deepfake.

In the twenty years I've worked in this corner of the market, I've seen this pattern return repeatedly. A new verification technology is announced as a solution to a persistent problem. The press picks up the message. Regulators refer to it. Eighteen months later it turns out to be a layer, not a solution, and the cat-and-mouse game continues.

SynthID and C2PA fit that pattern. It's not a scam — it's good technology with serious limitations. The C2PA coalition itself says (opent in nieuw venster) in its own guidance: signing runs ahead of verification, distribution channels often strip metadata, and in September 2025 Nikon had to revoke all issued C2PA certificates for the Z6 III after a vulnerability. One breach in the chain and all signatures up to that point are invalid.

The Verbond van Verzekeraars reported in November 2025 (opent in nieuw venster) over 9,000 established fraud cases in 2024. An increase of over a thousand compared to the previous year. AI plays a role in an increasing number of cases. Anyone who thinks a free verification page from OpenAI or a question to Gemini is going to bring that number down is missing the point. The fraudster reads the same press releases as you.

How do you use OpenAI's verification tool in a fraud process?

Go to openai.com/verify (opent in nieuw venster), upload the image and you get a green checkmark or red cross within ten seconds. A green checkmark means the tool found a C2PA signature or SynthID watermark from OpenAI. A red cross means it found nothing from the OpenAI ecosystem — not that the image wasn't made with AI. The tool only detects ChatGPT, Codex and API output, not other generators.

You don't need to log in.

Where it's useful:

  • As a signal in a broader investigation
  • A green checkmark is concrete evidence you can build on
  • A red cross rules out one scenario and says nothing about the others

Where it's not useful:

  • As a yes-or-no gatekeeper for automatic claim processing
  • Rejecting a claim based on a red cross is legally weak and factually wrong

How do you use Gemini to check an image for SynthID?

Go to gemini.google.com, preferably use Gemini 3.1 Pro, drag the image into the chat window and ask: "Does this image contain a SynthID watermark? Was it generated with AI?" The model gives three possible outcomes: watermark detected, no watermark found, or uncertain — almost always with a visual analysis alongside.

That visual analysis is often the most valuable part of the answer. My test yesterday showed that Gemini didn't recognise that the Gemini receipt was made by Gemini, but did recognise that the given address was the Amsterdam courthouse and not a Gamma store. For a fraud investigator the second is exactly what matters.

What detection layers should a fraud department already have had before May 19?

Four layers lie beneath SynthID and C2PA and are more fundamental than the May 19 announcement: EXIF and metadata analysis, context checks on article numbers and addresses, visual AI analysis for inconsistencies, and heightened proof requirements where legally possible. These layers worked before the announcement and they work after. SynthID and C2PA add a light fifth layer — a welcome addition, not a replacement.

EXIF and metadata analysis. A damage photo without a camera stamp, without GPS, without a timestamp is already a signal in itself. A photo that arrives as a screenshot or as a PNG with no metadata is in 2026 suspicious until proven otherwise. Automated metadata screening costs nothing and filters a significant portion of less careful attempts.

Context checks on article numbers and addresses. An investigator at CED Forensic (opent in nieuw venster) told the NOS how an AI-generated invoice for a lounge set was traced: the article number belonged to a plastic tie for young trees. A five-second Google search, no AI tool. Gemini did literally the same in my test yesterday: it recognised that Parnassusweg 250 is the Amsterdam courthouse. The tech tool did what a human with Google could also do. That's not a disappointment — it's a clue.

Visual AI analysis for inconsistencies. Not the same as watermark detection. Software that looks at reflections, shadows, edge transitions and JPEG artefacts works independently of whether the generator put in a watermark. For the top of the damage risk (amounts above a threshold) this is worth investing in.

Heightened proof requirements where legally possible. Insurance law places the burden of proof for a claim on the claimant. When in doubt it's legally acceptable to request additional evidence: an original photo with camera metadata, a video, a verifiable invoice number the seller can confirm, a sworn declaration. Not for every claim — for the top end.

Reasoning more important than the outcome

The most surprising part of my test yesterday wasn't that the tools failed where they should have succeeded. I'd expected that. What was surprising was that Gemini, while not seeing its own watermark, made a correct factual observation about the address on the receipt. The tech layer failed and the reasoning layer worked.

That's a clue about what fraud professionals will do in the coming years. No longer looking for a single AI signature that's definitively there or not. Instead using these models to strengthen the reasoning around a claim, with the human having the final word. Not the watermark as truth. The argumentation as a tool.

That's a different positioning of AI in the fraud process than the May 19 announcement suggests. It's also more honest about what the technology can actually do in 2026. Anyone who now builds policy on the promise of the announcement builds on sand. Anyone who uses SynthID, C2PA and the free public tools as one of five layers, and uses the reasoning output to deliver better work rather than replacing human judgment, has a workable stack.

My Gemini receipt is waiting for a better detector. I plan the next test for a few months from now. I'm curious whether someone will have found the watermark by then.

Sources