Image Authentication in Adobe Lightroom

The rise of artificial intelligence (AI) has revolutionized the way we create and consume images. AI-generated images are now indistinguishable from human-created images, and they are being used in a wide variety of applications, from advertising to art.

This raises a number of concerns for photographers, who are worried that their work will be devalued by AI-generated images. They also worry that AI-generated images could be used to create fake news or other forms of disinformation.

I believe that Adobe could address some of these concerns by implementing a system for authenticating images in Adobe Lightroom. This system would use AI to compare an image to its original source, and it would generate a certificate of authenticity that would show the percentage of the image that was created by AI.

The system could work as follows:

  1. When an image is imported into Adobe Lightroom, a low-resolution thumbnail of the image would be attached to the metadata. This thumbnail would be locked and would be used as the basis for measuring the image’s authenticity.
  2. When the image is exported, a new thumbnail would be generated. This thumbnail would be compared to the original thumbnail for structural changes ignoring basic editing using AI, and a percentage of structual change would be calculated. This percentage would represent the amount of the image that was created by AI.
  3. The percentage of change would be displayed on the export dialog box, and the photographer could choose to include a certificate of authenticity with the image. The certificate would show the percentage of authenticity, as well as the original thumbnail.
  4. This feature could be an Opt-In for users.

This system would benefit Adobe, photographers, and the wider photographic community.

Benefits for Adobe:

  1. Increased trust in Adobe Lightroom: By providing a way for photographers to authenticate their images, Adobe would increase the trust that users have in Adobe Lightroom. This would lead to more people using Adobe Lightroom, which would benefit Adobe.
  2. Increased market share: Adobe would be the first major photo editing software company to offer a system for authenticating images. This would give Adobe a competitive advantage and could lead to increased market share.
  3. Several potential revenue streams.

Benefits for Photographers:

  1. Protection of photographers’ work: By providing a way for photographers to authenticate their images, Adobe would help to protect photographers’ work from being plagiarized.
  2. Increased transparency: By showing the percentage of an image that was created by AI, Adobe would increase transparency in the photo editing process. This would benefit both photographers and consumers.

Benefits for the Wider Photographic Community:

Reduced the risk of fake news: By making it easier to identify AI-generated images, Adobe would help to reduce the risk of fake news.

I believe and have suggested that it would be a valuable addition to the software and would benefit Adobe, photographers, and the wider photographic community.

Would love to hear your thoughts on the matter, or any other suggestions that you may have to protect the integrity of our work moving into this uncertain future.


We were actually thinking about implementing a service like this as a standalone product for the natural landscape photography awards. We think they’re in the coming years. There will be a growing demand for image authentication in regards to ai and Photoshop. I guess only time will tell.


An independent image authentication service could truly revolutionize the world of photography, Matt. It has the potential to tackle a host of issues that photographers face in their line of work.

First and foremost, it would offer a way to safeguard their intellectual property. Photographers put in a lot of effort and creativity to capture those one-of-a-kind moments and produce awe-inspiring images. With the help of cryptographic proofs or watermarks, an authentication service could establish the originality and ownership of their work, effectively deterring unauthorized use and plagiarism.

Another significant benefit is preserving the photographer’s creative vision. Their artistic style and unique perspective are the essence of their work. By utilizing an authentication service, photographers can ensure that their creative expression remains untampered, unaffected by machines or automated editing tools, safeguarding their artistic integrity.

Moreover, this service would be a game-changer in building trust with clients and their audience. Authenticity is a critical aspect of the photography industry, and a reliable image authentication service would assure clients and viewers that the images provided are genuine and unaltered, reinforcing the photographer’s reputation as a trusted professional.

In today’s digital age, where manipulation and misinformation are rampant, such a service would play a crucial role in combating image manipulation and fake news. By verifying the authenticity of their images, photographers contribute to a more reliable and trustworthy visual landscape.

Furthermore, photographs often serve as invaluable historical records, documenting significant events and people. An authentication service would ensure that these visual records remain unaltered, preserving their accuracy and authenticity for future generations.

The service could also strengthen copyright protection for photographers. With tamper-proof certificates as undeniable evidence of original authorship, the process of pursuing legal action against copyright violations would become more straightforward and efficient.

For photographers selling limited editions or catering to art collectors, the authentication service would add value to their prints. Collectors can have peace of mind, knowing they are acquiring genuine and authenticated pieces of art.

Lastly, by including authentication certificates in licensing agreements for commercial use, photographers would offer clarity and confidence to their clients regarding the authenticity and originality of the licensed content.

However, it’s worth noting that Adobe’s current feature called ‘Credentials’ in Lightroom, while a step in the right direction, might not go far enough to provide a bulletproof authentication system. Hence, the need for an independent image authentication service that can offer comprehensive and robust protection for photographers’ creative work.

I believe that a standalone image authentication service empowers photographers to safeguard their creative work and maintain control over how their art is perceived and used. It’s a way of ensuring that the human touch in photography, with its passion, emotion, and ingenuity, is preserved and cherished, surpassing the capabilities of machines and digital manipulations.

I’ve also taken the initiative to approach Adobe about the possibility of incorporating this image authentication feature into their software, particularly Lightroom and Photoshop. I firmly believe that integrating this functionality, especially during the initial upload process in Lightroom, would enhance the overall security and integrity of photographers’ work.

Now, I don’t want to come across as overly paranoid, but I can’t help but recognize another potential concern on the horizon – the rise of AI in cameras for in-camera ‘enhancements.’ While this is an issue for another day, it emphasizes the importance of addressing image authentication proactively, so photographers can maintain control over their creative vision and protect their art from any unintended alterations, whether through software or advanced AI technologies.

1 Like

Hi Don
Photoshop’s AI can UNCROP photos. SERIOUSLY. as viewed on Tony & Chelsea Northrup Aug. 11, 2023. Tony showed an un-cropped photographs that had a Osprey flying out of the frame. Then he ask Photoshop to re-crop the shot and adding the missing wing. The result was a natural looking Osprey in flight. This was not a composite, but a completely new regenerated expansion of the raw file. The question is how should identify.

Hi Peter

It seems it’s going to get more difficult to distinguish between original and digitally altered photographs as technology advances. One potential solution could involve camera manufacturers taking a proactive role in this challenge. They could develop a locked ID method or cryptographic signature embedded within the file structure of the image.

This unique identifier would serve as a digital fingerprint for the original shot, allowing any subsequent modifications to be traced and compared to the original. This would provide a verifiable chain of custody for the image, preserving the integrity of the original shot while still allowing for creative manipulation in tools like Photoshop.

Such an approach would necessitate collaboration between camera manufacturers, software developers, and industry standards bodies to create a secure and universally accepted method of image verification. It’s an exciting yet complex possibility that could play a vital role in maintaining authenticity in the field of photography.



I am sceptical that any sort of verification mechanism built around camera files can be made to work reliably, as anything that can be generated in camera can be generated on (any other) computer, i.e., the AI system could generate Sony raw files without any greater difficulty than jpegs. I don’t think cryptographic on camera signing is going to be a viable option either, as the (private) signing keys would need to be stored on the camera, from where they could be retrieved by a third party wanting to circumvent the system. There will eventually be enough finanical incentive for this to spawn an industry, so that the cost of a few camera bodies to hack into would be insignificant.

That leaves an independent external verification service of some sort, but that gets us back to the start – how does such service determine the file is not AI generated? The big problem with AI proliferation that is often overlooked is that eventually (and in not too distant future) it will be difficult to locate any genuinely non-AI content out there simply because of the volume of data that AI can generate. This in turn is going to make very difficult to train humans and/or AI systems to identify non-AI material.

I suspect with photographs it will come down to whether one trusts the photographer, which can work on 1 to 1 bases, but not for things like competitions.

LEICA add content credentials with PS plugin.

The basic problem with the Leica approach, which is reusing the webserver-like PKI, is that the certificate chains can get, and in the real world do get, compromised. With web servers that’s not unreparable, because a webserver only needs to be verified at the singular point of connection, so such compromises are short lived. But images need to be verifiable for perpetuity. When a certificate in the chain (there are always several, there will be more than one at the Certification Authority Leica is using, and then more intermediate ones at Leica itself) is compromised, it gets revoked, and all the certificates that were signed with it become invalid and replacements have to be issued in their place. This is no good for image verification – if (when?) the Leica certificate chain is compromised, any images already taken with the Leica cameras will become untrusted for ever after. In other words a photographer relying on such system could potentially find themselves with lifetime body of work being rendered untrustworthy. This is not outrageously improbable, these things happen at the CAs themselves, in spite of robust security protocols, and the chances of compromise at the camera manufacturers will be much higher. I think staking one’s lifelihood on this would be foolish, and without being able to do that its value is hugely diminished. A different kind of trust model is needed for this, though I have no idea what it could look like.

Tomas, you’ve correctly identified a critical vulnerability in the PKI system when applied to long-term image verification. The potential for a compromised certificate to irreversibly damage the credibility of a photographer’s entire body of work is a significant concern. In the dynamic digital landscape, where security breaches are unfortunately a reality, relying on a system with such a singular point of failure does seem risky, especially for something as timeless as photography.

However, it’s also worth acknowledging the positive strides that Leica is making in this space. By integrating digital verification into their cameras, they are addressing a growing need for authenticity in digital imagery, a concern that resonates with many photographers and viewers alike. This move by Leica represents a pioneering effort to embed a layer of trust and verification in digital photography, an industry that is continuously grappling with issues of authenticity due to rampant digital manipulation.

As for future improvements, a shift towards a decentralized model of trust, perhaps through blockchain technology, could offer a more resilient solution. Blockchain’s characteristics of decentralization, immutability, and transparency present a compelling alternative to traditional centralized PKI systems. This approach could potentially mitigate the risks associated with the compromise of a single certificate authority, ensuring the long-term integrity and verification of images.

Additionally, exploring advancements in cryptographic security, like quantum-resistant algorithms, could further safeguard the verification system against evolving technological threats. An agile and adaptive certificate management system could also be beneficial, offering a more responsive mechanism to deal with any security breaches swiftly.

In conclusion, while Leica’s current approach with the PKI system has its drawbacks, it is an important step in addressing the challenges of digital image verification. It opens up pathways for further innovations that could eventually lead to a more secure, reliable, and enduring solution for verifying the authenticity of digital images.

1 Like

I see Nikon has made (again?) an announcement about bringing out their own thing together with APF, but I could not find any technical details about their solution. I think the best we can expect at present from any of this is an immediate PKI verification that could be used by photojournalists and agencies, but that cannot be expected to remain valid for years. I also supect the camera makers are not particularly interested in longevity, a built-in obsolescence is the name of the game these days.

@Saundie some form of blockchain is probably way this could go. The difficulties I foresee is the computational intensity, and hence latency – having to wait a considerable amount of time for sufficient Proof of Work is going to be a problem precisely where this technology would be most useful, i.e., real-time news reporting. Also the block chain can only be considered trustworty if it’s truly decentralized. If a single party controls a significant proportion of the nodes, it can manipulate the record. That raises the question who runs the nodes? I suspect to make this work would require the camera manufactures and press agencies to participate in a single block chain, something like that would have more chance of success if it was spearheaded by a thirt party, e.g., Adobe, than the current NIH direction the manufacturers are taking.

It will be interesting to see how this develops over the coming years. The need is there, and it means there is money to be made, so I expect we will see lot more happening in this space now that Leica is pressing on with this in earnest.

1 Like

You’ve raised some intriguing points about the integration of blockchain technology in photography, particularly regarding Nikon’s recent announcement in collaboration with APF. It’s true that there’s a growing interest in using blockchain for verifying the authenticity of images, especially in photojournalism and similar fields where maintaining the integrity of an image is crucial.

You’re spot on about the potential use of immediate PKI (Public Key Infrastructure) verification. This approach could indeed provide real-time, credible authentication for images as they’re captured, which would be a game-changer for photojournalists and agencies. However, as you mentioned, the longevity of such verification remains a question, given the pace of technological advancements and changes in industry standards.

Regarding the computational intensity and latency issues associated with blockchain, these are significant challenges, especially for applications requiring real-time processing, like news reporting. The need for a decentralized blockchain to maintain trustworthiness is also a critical aspect. If the blockchain is not genuinely decentralized, it risks being manipulated, which defeats its purpose in this context.

Your idea about having a third party like Adobe spearhead the initiative is interesting. It could indeed provide a more neutral ground for various stakeholders, like camera manufacturers and press agencies, to collaborate. This kind of partnership could lead to the creation of a more standardized and universally accepted blockchain solution for the photography industry.

As for built-in obsolescence, it’s a concern in many tech industries, not just photography. However, the increasing demand for trustworthy and verifiable images might push manufacturers to prioritize longevity and reliability in their blockchain integration efforts.

Overall, it’s an exciting time for the intersection of photography and blockchain technology. With companies like Leica pushing forward and others likely to join, we’re bound to see significant developments in this space. It’ll be fascinating to watch how these technological advancements evolve and how they’re adopted by the photography community.

@Tomas_Frydrych @peter @Matt_Payne

You may find this of interest, worth a quick read:

The article from Lifewire discusses the introduction of a new standard authentication technology by camera manufacturers, designed to verify the authenticity of photos. This technology is a response to the increasing prevalence of AI-generated images and deepfakes on social media, which can distort the news narrative. The main purpose of this technology is to ensure that the images have not been altered in any significant way, preserving their originality and authenticity [1].

:globe_with_meridians: Sources

@Saundie I assume by standard they mean C2PA, which is just a bog standard X.509 signing scheme, with all the problems that come with it.

They get around key compromise by asserting ‘everything that key signed before its exposure can still be trusted’ – this is utter nonsense, not only because once a key is compromised it is possible to generate backdated content, but, in principle, it is impossible to accurately ascertain the time of the compromise. If the design is this naive, how robust can one expect the implementations to be? I’d bet when this lands, the scheme will be compromised before the next camera models is ready. (To me the C2PA scheme comes across as something cooked up by mid-level managers rather than security professionals.)

This scheme also advises against block chain use, because they want the manifests to be mutable; the original records being mutable further undermines the system, when a key is compromised, the attacker will not only be able to create fake images that will look authentic, but make pre-existing images in-authentic.

Of the camera manufacturers only Sony are on the steering committee, that’s not a good sign, it looks to me like Leica, Nikon, Canon are hedging their bets just now, and probably working on some inhouse schemes of their own.