When automated verification fails: what the 2026 conflict disinformation teaches us
Images and video are the most immediate proof of what happens in the world. A single frame can travel further and land harder than any written statement. That certainty broke down during the conflict that erupted between the United States, Israel and Iran in 2026. AI disinformation in visual form exploded at a scale never seen before, and for the first time the automated verification tools meant to contain it got the answer wrong, flagging real footage as fake and passing synthetic material off as authentic. If even automated verification can no longer separate the real from the fabricated, one question becomes unavoidable: how do you establish what is genuine?
The answer cuts against instinct. You do not defeat AI-generated disinformation by chasing the fake after it has already spread. Detecting manipulated content after the fact is a race lost before it starts, because generators improve faster than detectors. The only defense that holds is to flip the problem: certify the truth at the source, at the very moment content is captured.
Visual disinformation at industrial scale: what happened in the 2026 conflict
The 2026 conflict turned visual disinformation from a cottage activity into industrial output. With the US and Israeli offensive against Iran, which began on 28 February 2026 with the operation "Operation Epic Fury", social feeds filled with AI-generated video and photos depicting events that never happened, at a volume and quality that made manual screening impractical.
One hundred million views for AI-generated content
Synthetic content tied to the conflict reached numbers that would have been unthinkable a few years earlier. According to fact-checks by BBC Verify, AI-generated fake videos related to the war together surpassed 100 million views. A single coordinated pro-Iran disinformation campaign racked up over 145 million views and more than 9 million interactions within days, as documented in the record of disinformation during the 2026 Iran war. The shift was not only quantitative. The quality of synthetic content had become good enough to make recognition by eye unreliable, even for trained eyes. Newsrooms, communicators and information-security teams faced a stream too fast and too plausible to filter with traditional source-checking. AI-driven fake news stopped being an isolated incident and became a permanent background noise, one in which every image is potentially suspect.
When automated verification tools get it wrong: the Grok and Gemini case
The real story was not that the fakes were convincing, but that the tools built to expose them failed. When users asked Grok (xAI) and Google Gemini to verify where images came from, the two systems produced wrong and contradictory answers.
The Guardian documented a telling case. A photo of the mass burial of victims of the Minab school attack was described by Gemini as an image of victims of the 2023 Turkey-Syria earthquake, while Grok attributed it to COVID-19 victims in Jakarta in 2021. The same real photograph, two different automated verdicts, both false. Reuters also reported a deepfake image of a dead Iranian leader circulating as an original photo. The paradox runs in both directions: automated content verification labeled as fake what was authentic, and as authentic what had been manipulated. Anyone relying on an AI image verification tool to get their bearings received illusory certainty. When the checking tool itself becomes a source of error, the problem is no longer only disinformation: it is misplaced trust in the very instruments meant to counter it. This is where the 2026 conflict exposed the structural limit of the detection approach.
Why detecting the fake is a losing race
Detecting the fake after it spreads is a fight lost by design. It is not a matter of poorly written detectors or algorithms that are still immature: it is a structural asymmetry between whoever generates synthetic content and whoever tries to recognize it. Every improvement in detectors immediately becomes training material for more refined generators.
Generators improve faster than detectors
Reactive detection is structurally losing because the two sides of the race do not run at the same speed. Generative models are trained against detection systems too: every time a detector learns to spot an artifact typical of synthetic content, the next generation learns not to produce it. It is an adversarial dynamic in which the attacker always has the last move. The timeline of the 2026 conflict confirms it in the field: despite the availability of advanced systems like Grok and Gemini, deepfake 2026 content circulated freely and the automated systems made crude errors. The most expensive precedent predates the war and shows the stakes outside the information sphere: in February 2024 a video-call fraud built on a deepfake stole about USD 25 million from a multinational based in Hong Kong, as reconstructed by CNN in the fake video-conference case. If a detector catches 99 percent of fakes, that remaining 1 percent, multiplied by hundreds of millions of views, still produces enormous harm. A defense that must guess right every time against an adversary who needs to succeed only once is a defense already condemned.
The technical limits of automated image verification (reverse image search, metadata)
On a purely technical level, automated verification starts at a disadvantage. A detector works on statistical clues: traces left by the generation process, inconsistencies in reflections, anomalies in the pixels. These clues are fragile. A recompression, a crop, a hop from one platform to another are enough to alter the traces the detector relies on. Other after-the-fact checks share the same weakness. Reverse image search finds only copies already indexed: faced with synthetic content never seen before, it is blind. And the metadata that should say where a file comes from vanishes, or gets falsified, on the first upload to a social platform. The absence of anomalies proves nothing either: content can be synthetic and show no signal, or authentic and look suspicious after a simple format conversion. Verifying whether an image is AI-generated means working on probabilities, not certainties, and on probabilities that worsen as generators improve. Asking "does this content look fake?" is already the wrong question, because it assumes the fake always leaves a recognizable trace. In 2026 that premise collapsed.
The paradigm shift: certifying the truth at the source
The solution is not to build better detectors but to change the question. Instead of asking whether content is fake, you need to be able to prove that content is real, and to prove it with evidence gathered the moment the content is created. That moves the defense from reactive to preventive: you do not chase the fake after it spreads, you certify the truth before.
From reactive defense to preventive certification
The paradigm needs to be inverted. Until yesterday content was considered true until proven false; today every piece of content is potentially unreliable until its authenticity is guaranteed. Reactive defense implicitly accepts the attacker's rules of the game, always running a step behind. Preventive certification refuses them: it does not try to establish whether a file circulating online has been manipulated, but starts from content whose origin, date and integrity are attested from the outset. The difference is the same one between trying to spot a counterfeit banknote and printing banknotes with security features built in. In the first case you are always exposed to more skilled counterfeiters; in the second the guarantee is built into the content. Whoever produces information, whether a newsroom, a business or an institution, can stop chasing the debunking and start putting into circulation content that already carries positive proof of the truth.
The two approaches can be set side by side, point by point.
| Criterion | Detecting the fake | Certifying the truth |
|---|---|---|
| Moment of intervention | After it spreads | At the moment of capture |
| Logic | Reactive: chases manipulated content | Preventive: attests origin, date, integrity |
| Basis of the decision | Probabilities and statistical clues | Cryptographic, defensible proof |
| Effect of AI progress | Worsens: generators outrun detectors | Irrelevant: the guarantee is already embedded |
| Outcome for the communicator | Late debunking, doubt already spread | Content verifiable from the first instant |
| Burden of proof | Falls on whoever defends authenticity | Discharged by the eIDAS-compliant electronic seal |
There are also market standards that work on the transparency of content provenance, such as C2PA and Content Credentials, which attach metadata about where a file comes from. These are useful initiatives on the labeling front, but they remain a different thing from certifying image authenticity with full legal value at the moment of capture.
What certifying at the moment of capture means
Certifying at the moment of capture means gathering the proof of authenticity at the precise instant a photo or video is captured, not afterward. It is the most delicate moment and, at the same time, the most valuable: before the content can be altered, recompressed or put back into circulation, its origin, exact date and time, and the state of the data are recorded in verifiable form. This is possible only in a controlled capture environment, where the content does not pass through intermediaries that could compromise it. The result is content that does not need to be "recognized as true" by a detector, because it carries the proof of its own authenticity. The reversal is total: it is no longer a matter of establishing after the fact whether something is fake, but of guaranteeing from the start that something is authentic. This is the concept behind certifying at the source.
What certifying content at the source means
Certifying content at the source with TrueScreen means applying, at the very moment a photo or video is captured, an electronic seal that attests its origin, date and integrity. The mechanism unfolds in three steps: the content is captured in a controlled environment that records its capture conditions; a qualified timestamp and a cryptographic hash are applied to it, sealed through a third-party qualified QTSP compliant with the eIDAS Regulation; the result is content whose authenticity can be verified by third parties at any time. TrueScreen certifies the origin, date and integrity of photos and videos at the moment of capture: it integrates the seal of qualified QTSPs, it does not issue it. The practical implication is decisive: there is no longer any need to detect the fake afterward, because the truth is already proven. Instead of chasing the fake, TrueScreen, the Data Authenticity Platform, certifies the truth at the source, available as an app, a web platform, an API and an SDK.
Electronic seal on photos and videos: origin, date, integrity
The electronic seal applied by TrueScreen attests three inseparable elements of a piece of content: where it comes from, when it was captured, and that it has not been modified after capture. Origin ties the content to the device and the capture context; the date rests on a qualified timestamp, which anchors the content to a certain, defensible instant; integrity is guaranteed by the cryptographic hash, a unique fingerprint that changes at the slightest edit and therefore makes any later alteration detectable. Unlike a detector, which forms a probabilistic hypothesis about a file already in circulation, the electronic seal estimates nothing: it certifies a fact that occurred at a precise moment. For a newsroom this means being able to distinguish, in verifiable form, its own authentic content from the sea of synthetic material surrounding it. The seal covers photos, video, audio and screenshots. When instead a person subscribes a document, that is a digital signature, which is a different matter entirely.
A defensible chain of custody
With TrueScreen a newsroom can produce content with a defensible chain of custody, verifiable by third parties. The chain of custody is the documented history of a piece of content from the moment of its creation: who captured it, when, under what conditions and with what integrity guarantees. Content certified at capture carries this history in verifiable form, and that determines its value when it truly counts. A video certified at the source is not worth the same as any clip found online: it is an element whose origin, date and integrity can be asserted against anyone who contests its authenticity, because they are anchored to an eIDAS-compliant electronic seal applied through a qualified QTSP. In the information environment of 2026, where any image can be called into doubt, having content with a defensible chain of custody is what separates a claim from proof. There is no need to persuade anyone that content is real: you can prove it. This is the principle behind certified journalism too, where the value of the material produced depends on its verifiability.
A concrete example. A newsroom publishes, in real time, footage shot by its own reporter in a conflict zone. With the reactive approach it publishes and then waits: if the footage is questioned, the debunking arrives hours or days later, when it has already collected millions of views and the doubt has settled in. With certification at the source, the reporter captures the footage already certified, with origin, date and integrity attested from the first instant. The newsroom does not have to defend itself against an accusation of forgery: it puts into circulation content with defensible proof built in. Time works in favor of whoever certifies.
What changes for newsrooms, businesses and institutions
For those who produce and distribute information, the paradigm shift has immediate operational consequences. Newsrooms can turn the ability to capture certified content into a reputational advantage, distinguishing their material from the synthetic noise. Businesses can protect sensitive communications and visual documentation from disputes and fraud like the Hong Kong case. Institutions can anchor official communications to verifiable proof, which is exactly what certified institutional communication is built for. The logic is always the same: stop defending against the fake and start guaranteeing the truth, as we argued in a deeper look at AI-generated disinformation.
AI content transparency and the AI Act
The regulatory framework is moving in the same direction, but it is not enough on its own. The EU AI Act, Regulation EU 2024/1689, under Article 50 on transparency obligations requires flagging content generated or manipulated with artificial intelligence, with obligations applying from 2 August 2026. On 10 June 2026 the European Commission published the Code of Practice on the transparency of AI-generated content. Labeling synthetic content is necessary, but it is not sufficient: it says that something is artificial, it does not prove that something else is authentic. Transparency flags the fake; certification at the source proves the truth. The two are complementary, and the second is the one that automated detectors, as the 2026 conflict showed, are unable to offer. Anyone who wants to understand better why detection tools are unreliable finds indirect confirmation in the regulation: if detection were enough, there would be no need to mandate transparency by law. The same reasoning underpins the case for treating content provenance as a first-class requirement.

