When a Screenshot Gets You Caught: How Invisible Watermarks Reveal Leakers

Invisible Watermark Basics

Invisible watermarks (暗水印) embed a mathematical code into the pixel data of images, videos, or screen captures. The code can contain employee IDs, timestamps, or other identifiers. Because the watermark is part of the image data, a phone photo of a screen retains it.

Real‑world Cases

Two 2026 incidents illustrate the technique:

NetEase: a screenshot was traced back to the employee via an invisible watermark.

Zhaomi: a photo taken of a screen was traced back to the employee using the same method.

A earlier example is Alibaba’s “抢月饼” incident (Sept 2016). A screenshot of an internal script contained a hidden watermark that identified the employee who leaked it.

Technical Schemes

Demo site (plain text URL): https://numfeel.996.ninja/pages/invisible-watermark showcases two mainstream schemes:

Spatial‑domain LSB : modifies the least‑significant bit of each pixel. Example: pixel value 10110100 (180) → 10110101 (181); brightness changes only ~0.4 % while storing one bit. Simple and efficient but not robust against JPEG compression.

Frequency‑domain DCT : embeds data in mid‑frequency DCT coefficients. Mid‑frequency components are less visible than low‑frequency and more robust than high‑frequency, giving resistance to JPEG compression and scaling.

Demo Walk‑through (Frequency‑domain)

1. Upload the Zhaomi photo:

2. Enter the watermark text UID:9527|whywhy and click “嵌入水印”.

3. Download the resulting image; visual inspection shows no change.

4. Extract the watermark from the downloaded image; the UID is recovered.

5. Test robustness by photographing the watermarked image with a phone. The demo provides an “embedding strength” slider (0–100). At the default strength 30, phone re‑photos succeed only intermittently. At strength 80, every phone re‑photo yields the original UID, demonstrating the trade‑off between visibility and robustness.

At the highest strength (80), the watermark remains invisible to the eye while phone captures consistently recover the UID:

Enterprise‑grade invisible watermarks typically use higher strengths and may combine dynamic screen ripples, making phone captures virtually always recoverable.

AI‑Generated Content Watermark (SynthID)

Google Gemini introduces SynthID, an invisible watermark embedded in AI‑generated images, audio, or video. Official documentation (plain text URL): https://deepmind.google/models/synthid/ states that SynthID is imperceptible to humans but detectable by specialized tools.

Using Gemini, an AI‑generated landscape image was created, then Gemini’s detection feature (plain text URL): https://support.google.com/gemini/answer/16722517 confirmed the presence of SynthID, proving the image originated from an AI model.

SynthID detection indicates that the content was generated or modified by a Google AI model; the watermark itself is not publicly documented to contain user‑identifying data.

Key Takeaways

Screenshot and photo capture can expose hidden identifiers; invisible watermarks enable precise source tracing.