Deepfakes will soon be everywhere. What once required a skilled graphic designer is now achievable with off-the-shelf AI tools, letting anyone create convincing deepfakes with a single click. The harm caused by deepfake attacks is not hypothetical; these are deliberate, escalating attacks, particularly in elections, personal attacks, and legal disputes, where intentionally manipulated media is crafted to alter public opinion or influence decision-making. Seeing is no longer believing, and we need help navigating the search for truth. Unfortunately, deepfake detectors often make mistakes. Origin authentication offers the best path for verifying the trustworthiness of digital content.
The term “deepfakes” usually refers to AI-generated or AI-edited images and videos designed to convincingly misrepresent reality. While many deepfakes are harmless or even entertaining, their weaponization is already causing real harm. Since 2021, the U.S. Department of Homeland Security has warned of increasingly sophisticated AI-driven identity attacks. The key challenge is scale: generative AI has made deepfake creation cheaper and more accessible, driving a rise in targeted attacks and fraud.
In 2019, criminals used AI-generated voice technology to mimic a CEO, convincing an employee to transfer €220,000 to a fraudulent account. In 2024, an Arup employee in Hong Kong was deceived into wiring £20 million after a deepfake impersonated a senior manager in a video call. Ahead of the 2024 New Hampshire primary, a faked robocall mimicked President Biden’s voice, urging voters to stay home. It has never been easier to create and distribute high volumes of synthetic content, which has made distinguishing fact from fabrication harder than ever.
Current Solutions: Detection and Inference Technology
Solutions to the deepfake problem fall into two buckets: reactive and proactive. Reactive approaches classify content as trustworthy until presented with evidence to the contrary. Proactive approaches assume that content is untrusted by default, and the burden of proof is on the content or creator to show otherwise. Simply put, reactive approaches treat digital content as innocent until proven guilty, and proactive approaches treat content as guilty until proven innocent.
The most common technique in place today is reactive: human interpretation. People look at images and decide whether they are real or fake. And while the current generation of deepfake tools makes some judgment calls obvious, others are trickier. Worse yet, there is research indicating that the mere existence of AI is leading to widespread public distrust of legitimate information sources.
Reactive solutions include deepfake detection. Deepfake detectors are themselves AI algorithms, trained to flag AI-generated or AI-edited content. The fundamental problem with deepfake detectors is the ever-evolving nature of deepfake technology. With over 500,000 AI-manipulated videos and audio files circulated across social media platforms in 2023 alone, deepfake creators are constantly evolving, and deepfake detection technologies must scramble to keep up. The current generation of deepfake detectors relies on statistical signatures and other clues to guess whether content is AI-generated. This is a losing cat-and-mouse game as deepfake technology continues to improve and become more realistic, because there is no fundamental difference between an AI-generated pixel and a camera-generated pixel.
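To make the cat-and-mouse dynamic concrete, here is a deliberately toy sketch of a “statistical signature” detector. Real detectors are trained neural networks, not a single hand-crafted threshold; the statistic, threshold value, and function names below are illustrative assumptions, and the point is that any fixed cue like this can simply be matched by the next generation of generators.

```python
def high_freq_energy(pixels):
    # Mean squared difference between neighbouring pixel values:
    # a crude stand-in for sensor noise, which some generators
    # have historically under-produced.
    diffs = [(a - b) ** 2 for a, b in zip(pixels, pixels[1:])]
    return sum(diffs) / len(diffs)

def looks_generated(pixels, threshold=5.0):
    # Flag content whose noise statistic falls below the threshold.
    # A better generator just learns to match the statistic, which
    # is exactly the losing game described above.
    return high_freq_energy(pixels) < threshold
```

An unnaturally smooth row of pixels (e.g. `[10, 10, 10, 10]`) trips the flag, while a noisy one (e.g. `[0, 10, 0, 10]`) does not; nothing stops a generator from producing the noisy pattern.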
Proactive Solutions: Provenance and Credentialed Content
Proactive solutions to the deepfake problem include provenance and data poisoning. Provenance solutions proactively authenticate the origin of content, AI-generated or not, through technologies like secure metadata, blockchain ledgers, or watermarking. One example is C2PA, an open standard for cryptographically signed provenance metadata that covers deepfakes and non-AI-generated content alike. Data poisoning takes the opposite tack, subtly perturbing published images so that generative models trained on them struggle to mimic the original. While metadata can be stripped out of a file, forensic watermarks serve as a safety net.
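The core idea of origin authentication can be sketched in a few lines. This is not the C2PA format, which uses signed manifests and certificate chains; as a simplifying assumption, an HMAC with a shared secret stands in for a real public-key signature, and the key and origin label are hypothetical.

```python
import hashlib
import hmac

# Assumption: in a real system this would be a private signing key
# held only by the publisher, verified via a public certificate.
SECRET = b"publisher-signing-key"

def attach_provenance(content: bytes) -> dict:
    """Bundle content with a tag binding it to its claimed origin."""
    tag = hmac.new(SECRET, content, hashlib.sha256).hexdigest()
    return {"content": content, "origin": "example-news-org", "tag": tag}

def verify_provenance(record: dict) -> bool:
    """Recompute the tag; any edit to the content breaks the match."""
    expected = hmac.new(SECRET, record["content"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record["tag"])
```

Unlike a detector, the verifier makes no guess about how the pixels were produced; it only checks whether the bytes still match what the named origin vouched for.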
Provenance solutions allow nuanced labeling of digital content. The line between AI-generated and organically-generated content is blurring. An image might have been painted on canvas, digitally scanned, and touched up with AI-powered editing tools. Is that image a deepfake, authentic, or somewhere in between? Deepfake detectors make a binary decision, whereas provenance tools can offer that full creation history for a more contextual decision.
Realistic Solutions Moving Forward
We will eventually reach a point where deepfakes and organic content are indistinguishable to both human eyes and algorithms. Organizations and governments must start taking proactive steps to safeguard the integrity of digital content. The endgame solution to the deepfake war will be provenance for all digital content. The big lift will be educating both users and platforms to support and expect content provenance before trusting what they see. This is a major change and isn’t going to happen overnight. Fortunately, governments are beginning to pass critical deepfake regulations. By combining technological innovations like forensic watermarking with public education and strong regulations, we can effectively defend against the harmful impact of deepfakes and build a more honest digital future.