Deepfake detection: who answers for the margin of error?

A growing number of companies that seriously evaluate deepfake detection end up at the same place. They run the pilots, they read the vendor accuracy claims, and then they decide not to make detection their only control. The market keeps selling these tools as the answer to one question, "is this content authentic?", but the answer always comes back as a probability, never a yes or no.

That is the catch. A deepfake detection tool does not tell you a video is real. It tells you it is "76% likely authentic", or "94% likely manipulated". The number moves depending on the file, the model, the compression, the day. And accuracy in the wild is far lower than the lab figures suggest: on real-world content, top detectors lose roughly half their performance, with the best commercial systems landing around 78% (Deepfake-Eval-2024, arXiv 2503.02857).

So here is the question nobody selling detection wants to answer. If the number never reaches 100%, who signs off on the gap? Someone has to take responsibility for the residual margin, the uncovered 24%. You cannot build a serious, repeatable process on a score that nobody can stand behind. The way out is not to get better at spotting the fake after the fact. It is to guarantee the authenticity of the data upstream, at the moment of acquisition, so there is no margin left to police.

What a "76%" verdict really means

A deepfake detection verdict is a probability estimate, not a finding of fact. The tool outputs a confidence score that reflects how closely a file matches the patterns it was trained on. It does not, and cannot, certify that the content is genuine.

Detection gives probabilities, not certainties

A probabilistic verdict is a statistical estimate of how likely a piece of content is authentic or manipulated, expressed as a confidence percentage. It is produced by a model comparing the file against learned patterns. It is not proof: it carries an inherent error rate, shifts with input quality, and offers no guarantee that the specific item in front of you was judged correctly.

Even the strongest commercial claims stay short of certainty. ScamAI advertises 95.3% accuracy, others push toward 99%, but none reach 100%. Worse, the scores are not calibrated likelihood ratios, which means they are not forensically defensible the way a court expects evidence to be (Nature Scientific Reports). A high number feels reassuring. It is still a guess with good PR.

The 24% the tool leaves uncovered

Every percentage point below 100 is a real-world case the tool may get wrong. A detector once returned 96.9% "fake" confidence on a video that was completely authentic. High score, total miss. Human reviewers, for reference, reach around 90% on the same real-world material, ahead of the best machines.

That uncovered slice is not a rounding error. It is the set of decisions where a confident tool quietly hands you a wrong answer, and where someone downstream has to carry the consequences.

Who takes responsibility for the margin of error

The margin of error always lands on a person, never on the tool. A detector produces a score and stops. A human has to read that score, decide what it means for this specific claim or document, and put their name on the outcome. That single fact is what makes detection so hard to operationalize.

Even when it "gets it right", the detector never signs off on 100%

A correct verdict and a certain verdict are not the same thing. When a detector flags a manipulated video and happens to be right, it still only ever said "94% likely". The remaining 6% sits there as institutional risk. No vendor signs a guarantee that the call was correct, because the math does not allow it. So the assurance you actually have is statistical, not evidentiary, and statistics are a poor witness.

A misjudgment always has a name attached

When detection is wrong, the cost does not land on the algorithm. It lands on the claims adjuster who approved a fraudulent payout, the compliance officer who cleared a synthetic identity, the lawyer who introduced contested evidence. Gartner projects that around 30% of enterprises will stop trusting standalone deepfake detection for identity verification by 2026, and this is precisely why: accountability cannot be outsourced to a confidence score.

Why this makes the process non-automatable

This is the core of the problem. A process built on a probabilistic score can never run on its own, because every score needs a human to interpret the margin and own the decision.

Automation requires three things: the same input produces the same output, every time, with a result you can defend later. Detection breaks all three. The output is a moving number, so it is not repeatable. The margin demands judgment, so a person must always step in. And because that judgment is discretionary, you cannot defend the decision twice the same way, which means it does not scale. You do not have a pipeline. You have a queue of unique calls, each one resting on someone's signature over a gap they did not create and cannot close. Detectors also disagree sharply with one another on AI-related content (NewsGuard), so even "ask another tool" just adds a second opinion to adjudicate.

Where the margin of error becomes a real problem: sectors and processes

The cost of the margin scales with what is riding on the decision. In high-stakes processes, a wrong probabilistic call is not an inconvenience, it is a financial loss, a regulatory breach, or inadmissible evidence. The pattern repeats across industries: someone signs the gap, and the error has a price.

In insurance, AI-edited photo fraud in claims jumped 280% from 2024 to 2025, and 36% of consumers say they would submit a manipulated photo (Verisk). In financial services, deepfakes already account for 11% of all fraud in 2025, with synthetic identity kits selling for around $15 (Sumsub). In real estate, FBI-tracked losses tied to manipulated documentation rose from $173M in 2024 to $275M in 2025. In the legal arena, a 2025 Alameda County case involving deepfake testimony showed how easily the "liar's dividend" lets a genuine record be dismissed as fake.

Sector Process at risk Cost of a misjudgment What's actually needed
Insurance Photo and video evidence in claims Fraudulent payouts, +280% AI-edited claim fraud Authentic, certified-at-source claim evidence
Financial services KYC, onboarding, identity documents Cleared synthetic identities, regulatory exposure Identity data certified at the point of capture
Real estate Handover reports, photographic documentation Disputes years later, $275M in tracked losses Documentation provable and intact over time
Public sector / legal Filings, documentary evidence, admissibility Evidence excluded, cases collapse Court-ready data with verifiable chain of custody

Notice the last column. It never asks for a higher detection score. It asks for data that was authentic and certified before anyone needed to question it.

TrueScreen certified insurance claims evidence

Use case

Insurance Claims: Certified Digital Evidence for Assessment and Settlement

See how TrueScreen certifies claim photos and videos at the point of capture, removing the margin instead of policing it.

Discover more →

Detection is a chase you can't win

Detection accuracy is structurally unstable because it depends on recognizing what generative models produce, and those models keep changing. It is a defensive game played against an opponent that updates faster than the defense can.

A "good" AI chasing a "bad" AI

A detector is one model trained to catch the output of other models. The moment a new generator appears, the detector is working from yesterday's patterns. Against custom generative models built specifically to beat detection, accuracy has been measured dropping by as much as 53.92% (MDPI Applied Sciences). The chaser is always a step behind by design.

The more generative models grow, the more unstable recognition becomes

The volume tells the story. Online deepfakes are projected to climb from roughly 500,000 in 2023 to about 8 million in 2025. Each new architecture is a fresh distribution the detector has not seen. As generation diversifies, recognition does not get steadily better, it gets more brittle, because there is more variety to keep up with and less time to adapt.

Accuracy as a moving target, not a foundation

Detection accuracy is a moving target: a metric that degrades over time and across content types rather than holding as a stable baseline. Studies show top detectors losing close to half their accuracy on real-world content versus academic benchmarks, with further drops against adversarial generators. You cannot anchor a legal or compliance process to a number that erodes every time the other side ships a new model.

This is the quiet reason detection makes a weak foundation. You would be building permanence on something engineered to decay.

What makes a process truly reliable: deterministic, repeatable, defensible

A reliable process is deterministic, repeatable, and defensible: the same input yields the same output, the result holds up on review, and it can be reproduced by a third party. Probabilistic detection satisfies none of these. Forensic acquisition and certification satisfies all three.

Same input, same output: the difference between probability and proof

Upstream data authenticity means certifying a digital content at the moment of acquisition, capturing it with a forensic methodology that records its integrity, origin and timestamp from the start. Instead of asking later "is this fake?", you establish from the first second that the data is authentic, intact and traceable. There is no probability score and no residual margin: the content carries its own proof.

Proof does not fluctuate. A forensic copy hashed and certified at capture returns the same result on every verification, by anyone, forever. That is the line between a 76% opinion and evidence.

Chain of custody and legal value

Legal value comes from an unbroken chain of custody, not from a confidence percentage. Under the EU framework, a qualified electronic seal carries a presumption of integrity (eIDAS, art. 35), and a qualified timestamp stays verifiable for a minimum of 20 years (eIDAS, art. 41). The EU AI Act adds mandatory labelling of synthetic content from 2 August 2026 (art. 50). A process that documents acquisition, integrity and time produces something admissible. A score does not.

What it means to guarantee a data's authenticity upstream instead of recognizing it downstream

Guaranteeing authenticity upstream means certifying content at the source, so its integrity is established before anyone has a reason to doubt it, rather than estimating after the fact whether it was faked. This is the reversal at the heart of the whole argument. Detection asks "is this fake?" and lives with a margin it can never fully close. Upstream certification asks a different question entirely: "is this data authentic, intact and traceable from the moment of acquisition?". TrueScreen, the forensic acquisition and certification platform, is built around that second question. It captures digital content with a forensic methodology, records its integrity and origin, and applies a qualified seal and timestamp with legal value, so the proof travels with the data. Picture the insurance adjuster who receives claim photos already certified at the point of capture. There is no score to interpret and no gap to sign, because authenticity was settled before the file ever reached a desk. Removing the margin beats policing it, every time.

From "is it fake?" to "is it authentic, intact and traceable from acquisition?"

The shift is from suspicion to certainty. Asking "is it fake?" puts you forever on defense, reacting to whatever was generated, accepting a residual error you have to staff around. Asking "is it authentic from acquisition?" puts the proof at the source, where it is cheap and final. One question generates a margin. The other never creates it. This is why deepfake detection alone isn't enough and why it pays to certify the source of content: the difference is guessing versus knowing.

Why removing the margin beats policing it

Policing a margin means paying forever: reviewers, escalations, disputes, the standing risk of the wrong call. Removing it means paying once, at capture, and never carrying the liability downstream. A deterministic, certified record does not need a human to vouch for a probability, because there is no probability to vouch for. That is what makes the process scalable: it is the same on the millionth file as on the first. For the broader context, our guide to deepfakes covers how the threat evolved and why the answer moved upstream.

FAQ: deepfake detection and data authenticity

Are deepfake detection tools reliable?
Only up to a point. On real-world content, leading detectors lose close to half the accuracy they show on academic benchmarks, with the best commercial systems around 78% (Deepfake-Eval-2024). They return a probability, never a certainty, and their accuracy degrades as new generative models appear. They can support a workflow, but they are not reliable enough to be a sole control.
Why isn't a probabilistic verdict enough as proof?
Because proof has to be repeatable and defensible, and a probability is neither. Detection scores are uncalibrated estimates, not likelihood ratios, which makes them forensically weak (Nature Scientific Reports). A verdict of "76% authentic" leaves a margin that a person must interpret and sign, so the same file can yield different decisions. Evidence cannot rest on a number that moves.
Can deepfake detection be automated in a business process?
Not on its own. Any process built on a confidence score requires a human to interpret the residual margin and own the decision, which makes it non-repeatable and hard to scale. Detectors also disagree with each other on AI-related content (NewsGuard). True automation needs a deterministic input, which detection by design cannot provide.
How do you guarantee a digital content is authentic and legally valid?
By certifying it at the source with a forensic acquisition methodology, instead of judging it afterward. Capturing content with its integrity, origin and timestamp recorded from the first moment, then sealing it with a qualified seal and timestamp, produces a record with legal value (eIDAS, arts. 35 and 41). The authenticity is established upstream, so there is no margin to police later.

Stop policing the margin. Certify authenticity at the source.

TrueScreen captures and certifies digital content at the moment of acquisition, with a forensic methodology, a qualified seal and a timestamp with legal value. No probability score, no residual margin to sign.

mockup app