I have a form in which the user submits two images. I use data from the two images to determine the authenticity of those images, I use hints from both images to determine if they have been tampered with. I am confident that the system I have developed will provide a reliable result. The question is, should I provide feedback to the user if I have determined that an image has been tampered with? The concern is that a malicious user could keep submitting images until it is accepted, thus diminishing the effectiveness of the system.

Another option, I can simply accept the tampered image, and treat it as such. The assumption here is that if a user has tampered with the image they have done so willfully, providing the user with another chance will either result in them giving up or trying again with anther tampered image. In both cases one is no better off. The risk is that the assumption doesn't hold, maybe my system has provided a false positive, or the user has misunderstood something and given a second they would correct the problem.

So maybe there is a hybrid option, where if the first attempt fails, the user is given one more chance, but then that is it.

A few additional points:
- With this system, once the image is accepted it is then shown to a subsequent user who then validates the contents. The plan is to provide a confidence score, regarding the veracity of the image, if the images is deemed to have been tampered with, then that score would be zero or very close to zero, but ultimately it would be up to the receiver of the image to make the decision to trust it or not.

- The user submitting the images has little incentive to do so. They would be doing this as a courtesy to the receiver. The more cumbersome the system is the more likely that user will be to give-up.

- The hybrid option requires the most work