Contents
Often, yes. AI-music detectors read a fingerprint that sits at fixed frequencies, and lossy compression, the MP3 or streaming codec a track has usually already passed through by the time you hear it, cuts exactly where that fingerprint lives. So a compressed AI song can slip past a detector that would have caught the original, and a clean file matters more than most people realize. The more a track has been re-encoded, streamed, or pulled from a video, the less a detector score means.
Why does compression hurt a music detector so much?
Because the evidence and the damage live in the same place. Afchar, Meseguer-Brocal, Akesbi and Hennequin (2025) showed that music generators stamp systematic peaks at fixed frequencies, and that deployed detectors key on exactly those peaks; how those detectors are built is set out in how AI music detectors work. A lossy codec like MP3 works by discarding detail the ear is least likely to miss, much of it high-frequency content, which is precisely where a large part of that fingerprint sits. Compression and detection are pulling on the same thread, and compression pulls harder: it can erase the generator’s fingerprint before the detector ever sees it. The same authors describe the asymmetry directly, anything that moves frequency content breaks the read, while time-domain edits largely survive.
How much accuracy is actually lost?
Enough to matter. Afchar, Meseguer-Brocal and Hennequin (2024) measured a detector that scores about 99.8% on clean audio falling under ordinary transforms:
| Transform | Detector accuracy |
|---|---|
| Clean | 99.8% |
| MP3, 64 kbps | 73.8% |
| Opus, 64 kbps | 64.6% |
| AAC, 64 kbps | 58.4% |
AAC at 64 kbps, a common streaming setting, pushes accuracy below 60%, close to a coin toss. A two-semitone pitch shift and added white noise land at 66.6% each, in the same danger zone. The singing-voice literature shows the same codec sensitivity from the other direction: the SingFake system rises from a 4.62% equal error rate, the point where false accepts and false rejects balance, on clean seen data to 13.62% once an unseen codec is in the chain (Zang, Zhang, Heydari, Duan, ICASSP 2024). And a commercial detector was fooled simply by resampling audio to 22.05 kHz, a change no listener would notice (Cros Vila, Sturm, Casini, Dalmazzo, 2025).
Does it only make fakes harder to catch?
That is the main effect, but the deeper point is that a compressed track makes the score unreliable in both directions. A compressed AI song can pass as real because its fingerprint was stripped. But a low “not AI” score on that same compressed track is not evidence of a human either, because the detector is now reading a corrupted version of the very pattern it depends on. A heavily re-encoded file simply carries less of the information a detector needs, so both a low score and a high score on it should be read with caution.
Do some detectors survive compression better than others?
Somewhat, and the difference is in what they read. Detectors built on large self-supervised speech models generalize across codecs better than ones leaning on a raw spectral fingerprint, and training on compressed audio helps a detector cope with compressed audio. The sharper contrast is with detectors that do not read the signal at all. Frohmann and colleagues (2025) classify a song by transcribing its lyrics, and because words survive compression, their method holds around 85 to 90% where a spectral detector collapses on an unseen generator, and stays stable under pitch, noise, and reverb. But “better” is not “immune”: every signal-based family loses ground to compression, and a codec has usually already touched the track before any of them see it.
What should you do about it?
Test the original file, not a re-encode. Whenever you can, run the untouched upload or export rather than a streamed rip, a screen recording, or a track pulled from a forwarded video, because each of those adds another layer of compression. Read a clean “not AI” result on a heavily compressed song as carrying little information rather than as a clearance, the same way a re-saved screenshot defeats an image detector. And corroborate: run a second method, ideally one that reads something other than the spectral fingerprint, look for provenance where it exists, and weigh the source, rather than leaning on one score from degraded audio, the first-pass procedure set out in how to tell if a song is AI-generated.
Sources
- Afchar, Meseguer-Brocal, Akesbi, Hennequin (2025). A Fourier Explanation of AI-Music Artifacts. ISMIR 2025.
- Afchar, Meseguer-Brocal, Hennequin (2024). Detecting Music Deepfakes Is Easy but Actually Hard.
- Zang, Zhang, Heydari, Duan (2024). SingFake: Singing Voice Deepfake Detection. ICASSP 2024.
- Cros Vila, Sturm, Casini, Dalmazzo (2025). The AI Music Arms Race: On the Detection of AI-Generated Music. TISMIR 8(1).
- Frohmann, Epure, Meseguer-Brocal, Schedl, Hennequin (2025). AI-Generated Song Detection via Lyrics Transcripts. ISMIR 2025.