OpenAI's new Images 2.0 model, deployed to 900 million weekly active users, generated its first documented financial forgery within 24 hours when a user created a photorealistic fake UCO Bank cheque with authentic MICR codes.
On Tuesday, OpenAI released a new image generator into the world. Within a day, someone had used it to fabricate a bank cheque.
The fake cheque, purporting to be from UCO Bank, an Indian public sector lender, spread across social media within hours of the model going live. The image included MICR codes, the routing and account numbers printed at the bottom of a cheque that banks use to verify authenticity. The creator posted that they had used "certain tricks" to bypass the safety restrictions that are supposed to prevent the tool from generating documents designed to deceive, according to LatestLY, which reviewed the posts.
ChatGPT Images 2.0, as the new model is called, can now generate photorealistic images that are difficult to distinguish from photographs. OpenAI was not subtle about this. In the promotional livestream, CEO Sam Altman called it "like going from GPT-3 to GPT-5 all at once," according to Gizmodo. Before launch, the company shared an AI-generated image on X that mimicked a desktop screenshot of Google Chrome running on a MacBook. It was not a bug. It was the point, Business Insider reported.
The model is now available to roughly 900 million weekly active ChatGPT users, a figure OpenAI announced in February. The free tier can generate images; the paid tiers, Plus, Pro, and Business, unlock a thinking mode that OpenAI says produces more accurate and detailed results. The thinking mode is not available to free users, according to CNET.
OpenAI acknowledges that C2PA metadata, a standard designed to certify that an image originated from a particular device or software, is attached to Images 2.0 output. The company also acknowledges this is not a silver bullet. "Metadata like C2PA is not a silver bullet to address issues of provenance," the company's help documentation states. The metadata can be stripped by saving the image in a different format, a step that takes seconds.
The UCO Bank incident is the first documented case of someone using Images 2.0 specifically to generate what looked like a financial document intended to deceive. It does not appear the cheque was used in any attempted fraud. It was posted publicly, generating alarm rather than transactions. But the point stands: the guardrails OpenAI built into the model did not prevent a user from producing something designed to look like a real instrument of the financial system.
OpenAI did not respond to a request for comment by deadline.
The broader context is not new. A study published in the journal Radiology in March found that radiologists identified AI-generated X-ray images only 41 percent of the time when they were not told to look for synthetic images. After being informed the dataset contained fakes, their accuracy rose to 75 percent. The study used GPT-4o to generate the synthetic images, the predecessor to the model that now powers Images 2.0. Images 2.0 is a significant jump in photorealism, which means the detection problem documented in that study has almost certainly gotten harder, not easier.
The Electronic Frontier Foundation, a digital rights organization, told Business Insider that the model itself does not raise copyright issues that are legally distinct from those already raised by prior versions. OpenAI is already defending more than a dozen copyright suits from writers and news outlets including The New York Times and George R.R. Martin. The company has also scrapped its video generator Sora to cut costs ahead of a potential IPO, according to people familiar with the matter, as Gizmodo reported.
What is new in April 2026 is the combination of capability, scale, and demonstrated intent to use it in the worst way the technology permits. OpenAI put the tool in 900 million hands. Someone immediately demonstrated it could be used to forge financial documents. The question the company has not answered is what happens when the next person to try it is not posting it for engagement, but for a transaction.
The bank clearing system was not designed for a world where any smartphone can produce a near-perfect fake of a physical instrument. Neither were the verification processes at hospitals, insurance companies, or courts. Those systems are now operating on the assumption that photographic evidence carries a baseline guarantee of authenticity. That assumption is obsolete. The only question is how long it takes for the institutions that rely on it to figure that out.