forensics.media Subscribe
Verification

How to verify if an image is real

By The Forensics Media team
5 min read
Contents

Verifying an image is not a single test but a workflow: find where else the photo appears, check whether it matches the place and time it claims, and read its metadata, all while knowing each step can come up empty. The honest output is usually “consistent with” or “inconsistent with” a claim, not a clean real-or-fake verdict. Most “fake” images are not edited at all, they are real photos shown in the wrong context, which is why verification starts outside the pixels.

Define the claim first

Before running any tool, write the claim in a single sentence: what does this image supposedly show, where, and when? “Is this image real?” is too broad to answer, but “does this photo show the flooding it is captioned as, in that city, this week?” is testable, and the difference decides which checks matter and in what order. Naming the claim also keeps the conclusion honest: you finish by verifying or refuting one specific assertion, which is a far more defensible output than stamping a blanket “real” or “fake” on a file. A vague question invites a vague answer, and in verification a vague answer is usually wrong. Scoping the claim also rules tools in or out before you waste time: a claim about where a photo was taken points to geolocation, a claim about when points to reverse search and chronolocation, and a claim that an object was added or removed points to the pixel-level checks instead.

”Real” usually means “in the right context”

The most common form of image misinformation is the recycled photo: a genuine image from one event, presented as if it shows another. No pixel-level forensics will catch this, because nothing in the file was altered. So the first question is not “was this edited?” but “where and when did this actually come from?” That reframes verification as an investigation, not a lab test.

This is the approach open-source investigators use. As the open-source research collective Bellingcat puts it in its guide to social media verification, “manipulated images are far rarer than old images posted out of context or intentionally mislabelled in order to mislead” (Mossou and Higgins, 2021). The methods below are the core of that workflow.

Reverse image search across several engines

The single highest-value step is a reverse image search, which looks for earlier or identical copies of the picture elsewhere. The catch is that no engine indexes the whole web, so run several: Google Lens, TinEye, Yandex, and Bing Visual Search each return different results, and TinEye is especially useful because it can sort by oldest match, pointing you toward the original. For a video, the InVID-WeVerify verification plugin, a browser tool built for exactly this by an EU research project, fragments a clip into still keyframes you can reverse-search the same way.

A match can show you the photo is older than claimed, or appeared first in an unrelated story. But absence of a match proves nothing: a genuinely new photo has no earlier copies, and a cropped, mirrored, or recoloured image often slips past the engines entirely. Use a hit as evidence, never a miss.

Geolocate and chronolocate

If the image claims a place, test it. Geolocation matches visible cues, signage, architecture, mountains, road markings, against satellite and street-level imagery to confirm or break the claimed location. Chronolocation does the same for time, using shadow direction and length, weather records, or visible dates and events. These techniques are slow and depend on the image actually showing usable detail, but when they work they are hard to argue with, because the physical world is difficult to fake convincingly.

Read the metadata, with suspicion

If the file still carries EXIF metadata, it can corroborate or contradict the story with a timestamp, GPS coordinates, or a camera model. Treat all of it as a claim to verify rather than a fact, because every field can be rewritten and most platforms strip it on upload anyway. Metadata that survives and agrees with your other findings adds confidence; metadata alone settles nothing. The reasons are in Can EXIF data be faked?.

Where the workflow fails

Each step has a blind spot, which is why they are run together. Reverse search misses uncatalogued, cropped, or lightly edited images. Geolocation needs identifiable scenery and fails on a plain interior or a close-up. Metadata is usually gone. And none of this addresses whether the image was generated by AI rather than photographed, which is a separate question handled by dedicated AI-detection methods. If you do suspect the pixels themselves were manipulated, that is the companion check in How to tell if a photo has been edited.

The discipline this workflow enforces is writing the conclusion as a confidence level tied to specific evidence, “this photo appears online from two years before the claimed date,” not “fake.” Work from the outside in: reverse-search first to test context, then geolocate and chronolocate to test the place and time, and read any surviving metadata last, as corroboration rather than proof. A single source, including the image file itself, is never enough to settle it, which is why verification sits alongside the file-level checks in what forensics can learn from a file.

Sources

#verification#osint#reverse-image-search