Contents
- The fingerprint sits in the pixels, not the tags
- It survives ordinary processing, but it is extremely faint
- Reading it needs the device, references, and a threshold
- In the wild, even the state of the art is far from certain
- On modern phones, the uniqueness assumption is fraying
- Removal is a pixel operation, and forgery leaves traces
- Sources
Yes, within limits. A photograph can carry a fingerprint of the specific camera that produced it, written into the pixels rather than into any tag, so deleting every EXIF field does not remove it. That fingerprint, the sensor’s photo-response non-uniformity or PRNU, has anchored source-camera identification since Lukáš, Fridrich and Goljan (IEEE TIFS 2006). Its power is real but conditional: it needs the suspect device and clean reference images, it is statistical rather than certain, it erodes under heavy processing, and on modern computational-photography phones its founding assumption of uniqueness is now contested.
The fingerprint sits in the pixels, not the tags
PRNU is a pattern of minute sensitivity differences between the individual photosites on a camera sensor, an unavoidable by-product of manufacturing. It is effectively constant across every frame a sensor captures, so it fingerprints one physical device, not merely its model. Lukáš, Fridrich and Goljan (IEEE TIFS 2006) introduced it for camera identification, and Chen, Fridrich, Goljan and Lukáš (IEEE TIFS 2008) extended it into a test of image origin and integrity, calling it a unique stochastic fingerprint of imaging sensors. Mechanically it is a noise residual: for an image I and a denoising filter F, the fingerprint estimate is W = I − F(I), the image minus its own denoised version, which isolates the sensor pattern from the scene (Goljan, Fridrich, Chen, Proc. SPIE 7541, 2010). Learned variants push the same idea further, replacing the hand-tuned denoiser with a trained network, as in Noiseprint (Cozzolino, Verdoliva, IEEE TIFS 2020). Because all of this lives in the pixel values, stripping or rewriting the EXIF block, which is separate structured text, leaves it entirely intact.
It survives ordinary processing, but it is extremely faint
The fingerprint is robust to the handling most images receive. Goljan and Fridrich (Proc. SPIE 6819, 2008) report that it “survives a wide range of common image processing operations, including lossy compression, filtering, and gamma adjustment,” and describe the pattern as “biometrics for sensors.” That is why a re-saved, moderately compressed JPEG can still carry a readable trace, and why re-encoding a file is not the same as clearing it. What it does not tolerate is signal loss and desynchronisation: the same authors put the ratio between the fingerprint and the image at “-50dB or less,” so downscaling, strong compression and denoising progressively erase it, while cropping or rescaling knock it out of alignment.
Reading it needs the device, references, and a threshold
A trace existing is not a trace being usable. Matching a fingerprint requires the suspected camera, or a set of clean images known to come from it, to build a reference pattern, so PRNU confirms a suspicion rather than generating one. It also wants many references: the PRNU-Bench benchmark notes that the classical correlation method “typically requires more than 50 reference images” to estimate a fingerprint reliably (Croitoru, Hondru, Ionescu, 2025). The decision itself is statistical, declared only when a detection score exceeds a threshold. Goljan, Fridrich and Filler used the peak-to-correlation-energy score for this, applied rather than invented by them, and matched sensor fingerprints across 6,896 cameras and more than a million images, showing the method holds at scale (Proc. SPIE 7254, 2009).
In the wild, even the state of the art is far from certain
Under laboratory conditions, with the device in hand and good files, PRNU matching is strong. Under realistic ones it is not. PRNU-Bench, built from 126 sensors across 114 devices, some released in 2024, with only five reference images per device, found that classic correlation identified the correct camera in about 29% of cases, and the best new deep-learning model in about 74% (Croitoru, Hondru, Ionescu, 2025). The signal remains useful, but wild conditions are not a lab bench. Noiseprint answers a narrower question again, pointing at which model produced an image rather than which individual unit (Cozzolino, Verdoliva, IEEE TIFS 2020).
On modern phones, the uniqueness assumption is fraying
The method rests on the premise that two sensors, even of the same model, yield uncorrelated fingerprints, and computational photography strains that premise. Iuliani, Fontani and Piva (IEEE Access 2021) tested more than 33,000 Flickr images from 45 smartphone and 25 DSLR models and found that heavy in-camera processing introduces non-unique artefacts shared across devices, inflating false-alarm rates for brands including Samsung, Huawei, Canon, Nikon and Leica. Their warning is direct: “with the advent of computational photography, most recent devices heavily process the acquired pixels, possibly introducing non-unique artifacts that may reduce PRNU noise’s distinctiveness,” and their conclusion blunter still: “the effectiveness of PRNU based source identification on the most recent devices must be reconsidered.”
Removal is a pixel operation, and forgery leaves traces
Because the fingerprint is the residual a denoiser removes, the operations that suppress it are all pixel-level: downscaling, heavy re-encoding and above all denoising, each trading image quality for a weaker trace. Planting another camera’s fingerprint to misdirect attribution is possible, since PRNU behaves like a spread-spectrum watermark, but it is detectable: studying counter-forensics, Goljan, Fridrich and Chen found that “planting a sensor fingerprint in an image without leaving a trace is significantly more difficult than previously thought” (Proc. SPIE 7541, 2010). The realistic position, then, is that a photo can be tied to a camera with no metadata at all, but only when the device is available, the fingerprint survived the file’s handling, and the sensor is old enough for uniqueness to hold, a combination that fails more often than the technique’s reputation implies. If you want to reduce that trace rather than measure it, the pixel-level routine that weakens the fingerprint, downscaling, re-encoding and denoising, is in how to make a photo untraceable.
Sources
- Lukáš, Fridrich, Goljan (2006). Digital Camera Identification from Sensor Pattern Noise. IEEE TIFS 1(2):205-214.
- Chen, Fridrich, Goljan, Lukáš (2008). Determining Image Origin and Integrity Using Sensor Noise. IEEE TIFS 3(1):74-90.
- Goljan, Fridrich (2008). Camera Identification from Cropped and Scaled Images. Proc. SPIE 6819, Security, Forensics, Steganography, and Watermarking of Multimedia Contents X.
- Goljan, Fridrich, Filler (2009). Large Scale Test of Sensor Fingerprint Camera Identification. Proc. SPIE 7254, Media Forensics and Security.
- Goljan, Fridrich, Chen (2010). Sensor Noise Camera Identification: Countering Counter-Forensics. Proc. SPIE 7541, Media Forensics and Security II.
- Cozzolino, Verdoliva (2020). Noiseprint: A CNN-Based Camera Model Fingerprint. IEEE TIFS 15:144-159.
- Croitoru, Hondru, Ionescu (2025). PRNU-Bench: A Novel Benchmark and Model for PRNU-Based Camera Identification.
- Iuliani, Fontani, Piva (2021). A leak in PRNU based source identification. Questioning fingerprint uniqueness. IEEE Access 9.