A position authentication system utilizing the white noise like GPS spreading codes as tamper proof watermarks is described. Position authentication as used in this paper means the process of checking whether position reports made by a remote user are truthful and accurate. In the method proposed, a segment of the GPS signal collected by a trusted user (called the authenticator) is used as a template. Another user's (called the supplicant) GPS signal is compared with the template to judge if the user's position and time report is authentic. An analysis to explain how noise affects the watermark signal detection is presented. The paper also discusses an important implementation issue: Multiple false peaks caused by C/A power leakage which mask the detection of the watermark. Experimental results show that the authentication method proposed can detect deceptive position report and the resolution of the position authentication is at or better than 15 meters. This method may also be used in other GNSS system, for example Galileo, by utilizing the encrypted Public Regulated Service signal as the "watermark" signal.