PDF tamper detection API for lending and compliance teams.
Reads the file. Not the page.
Catch tampered bank statements, fake payslips, and forged invoices your KYC platform misses. 1 in 5 fraudulent documents passes manual review undetected — and fraudsters actively engineer ways to stay invisible.
50 forensic checks across metadata, file structure, and digital signatures — verdict in under 3 seconds.
By continuing you accept our Terms & Conditions. Maximum PDF file size is 10 MB.
The detection gap
KYC platforms check the document. HTPBE? checks the file.
Two different checks — both matter.
KYC & identity platforms
Plaid · Persona · Alloy · Jumio
- Is this a real bank statement template?
- Does the account number match the identity?
- Is the document format consistent with the issuing bank?
Detects fake documents. Does not detect edited real documents.
HTPBE? tamper detection API
Structural PDF integrity
- Was this specific PDF file modified after it was generated?
- Do metadata timestamps match the file structure?
- Were digital signatures valid at the time of signing?
Catches edits invisible to visual review and template checks.
Use Cases
One undetected edit costs more than a year of prevention
One API, three critical document workflows.
Bank Statement Fraud detection
One approved loan on an edited bank statement costs $15K–50K in bad debt. Catch edited balances and fabricated transaction histories before approving a loan application.
Learn more →Invoice Fraud detection
Average BEC invoice fraud loss: $130,000 per incident. Detect bank account swaps and amount changes in vendor invoices before payment is processed.
Learn more →Certificate & Diploma Fraud detection
Cost of a bad hire based on fake credentials: $50K+ in recruiting, onboarding, and severance. Expose edited academic credentials and professional certificates submitted during hiring or onboarding.
Learn more →Scale Your Fraud detection
Your team processes hundreds of documents. Automate the integrity check.
One edited bank statement that slips through underwriting costs $15K–$50K in bad debt. HTPBE? runs 50 tamper detection checks per document via REST API — results in seconds, no original file needed.
View API plans50 tamper detection checks
per document, across metadata, structure, and signatures
Under 3 seconds
per document at any volume — 30 to 1,500+/month
Works alongside your KYC stack
Plaid, Persona, Alloy — the structural layer they don’t cover
Customer Stories
Teams that stopped document fraud
Compliance, finance, and risk teams use HTPBE? to catch manipulated PDFs before they become costly mistakes.
Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.
Sarah M.
AP Manager
United States
We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.
Lars V.
Risk Analyst, Online Lending
Netherlands
Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.
Priya K.
HR Operations Lead
India
Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.
Julien R.
Fraud Analyst, Fintech
France
Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for checked originals when something is flagged. Already saved us from a few bad decisions.
Marta S.
Compliance Coordinator
Spain
One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.
Tariq A.
Finance Manager
United Arab Emirates
FAQ
Frequently Asked Questions
Get answers to common questions about PDF authenticity checking.
What is HTPBE?, and what does it do?
HTPBE? (Has This PDF Been Edited?) is a free online service that detects whether a PDF document has been modified after it was originally created. Upload your PDF and get an instant result in seconds — no registration, no payment, no technical knowledge required. Files up to 10 MB are supported.
The service analyzes the PDF’s internal structure, metadata, and creation history to detect any signs of post-creation modifications. Results come in three states: Intact (no modification found), Modified (modification detected), or Cannot Determine (the PDF was created with consumer software such as Microsoft Word or Google Docs, where anyone can create a document from scratch).
How HTPBE? works
HTPBE? uses multi-layer forensic analysis to detect post-creation modifications. The system examines:
- PDF metadata — creation and modification timestamps, creator and producer applications, PDF version
- Internal file structure — byte-level evidence of modification, xref tables, incremental update sections
- Digital signatures — presence, validity, and post-signature modifications
- Embedded content — JavaScript, hidden file attachments, and other suspicious elements
The detailed metadata and findings on the result page explain the reasoning behind each verdict.
Common use cases
HTPBE? is used across many real-world situations:
- Financial & payments: bank transfer receipts, payment screenshots, invoices from suppliers, expense receipts, financial statements
- Business & legal: contracts, business agreements, court documents, legal notices
- Academic & professional: educational certificates, diplomas, academic transcripts, professional licenses
- E-commerce & marketplaces: shipping confirmations, order confirmations, return and refund documentation
In every scenario, HTPBE? provides a quick first check to identify potentially tampered documents, helping you make safer decisions in transactions and business dealings.
Who uses HTPBE?
The service is used by anyone who receives PDF documents and needs to trust their authenticity before making a decision:
- Online sellers and marketplace vendors checking payment confirmations from buyers before shipping
- Freelancers and independent contractors validating client payment receipts and invoices
- Small business owners reviewing invoices and financial documents from customers and suppliers
- HR and recruitment professionals checking certificates, diplomas, and credentials from job applicants
- Landlords and property managers validating tenant payment confirmations and rental receipts
- Accountants and bookkeepers reviewing expense receipts and financial paperwork
- Legal professionals performing preliminary checks on document integrity
- Lending and risk teams using the API to detect edited bank statements at scale
Is it free?
Yes — the web tool at htpbe.tech is completely free and unlimited for manual checks. You can upload PDFs up to 10 MB, receive instant analysis, and access detailed results including metadata, findings, and modification verdict. No registration, no payment, no quota.
For developers and businesses needing programmatic access, the API offers monthly subscription plans starting at $15/mo. The free web tool does not consume any API quota.
Is it safe?
Yes. HTPBE? is built around a strict privacy model:
- Files are never read. The service analyzes only the technical file structure — metadata, xref tables, signatures — and never extracts or reads document content. Sensitive contracts, financial statements, and personal records remain confidential.
- Files are deleted automatically. Uploaded PDFs are stored temporarily in encrypted cloud storage solely for the duration of the analysis and are permanently purged after processing.
- Encrypted in transit. All uploads and result pages use HTTPS/TLS.
- Only metadata is retained. The result page stores the verdict, extracted metadata (filename, file size, dates, creator, producer), and structural findings — never the original file content.
What does HTPBE? stand for, and how do you pronounce it?
HTPBE? stands for Has This PDF Been Edited? — it is the product name, not a random code.
How to say it: pronounce it letter by letter: H-T-P-B-E (like “FBI” or “API”). That is the clearest option for calls, support, and demos because the letters do not spell one obvious English word.
For what the service actually checks, see What is HTPBE, and what does it do?
How is HTPBE? different from KYC platforms like Onfido or Persona?
KYC platforms check that a document looks authentic — correct template, matching identity, valid format. HTPBE? checks whether the specific PDF file was modified after it was generated. These are different layers of fraud detection.
A bank statement can pass every KYC template check and still have edited balances. HTPBE? detects the modification at the file structure level — xref tables, incremental updates, producer field inconsistencies.
What does the API response look like?
The API returns a structured JSON verdict: INTACT, MODIFIED, or INCONCLUSIVE. For modified documents, the response includes specific modification_markers — the named forensic signals that triggered the verdict, such as “Multiple xref tables detected” or “Incremental update chain length: 3”.
No black-box scores — every verdict is explained. See the full response schema at github.com/htpbe/docs.
How much does each document check cost?
Plans are monthly subscriptions: Starter at $15/mo (30 checks), Growth at $149/mo (350 checks), Pro at $499/mo (1,500 checks). There is no per-check billing — your quota resets monthly.
The free web tool at htpbe.tech is unlimited for manual checks and does not consume API quota.
Do you offer test API keys?
Yes. Test keys (htpbe_test_...) are available on all plans including before you subscribe. They return deterministic synthetic results for integration testing and do not consume monthly quota.
Test keys only accept test URLs — they cannot be used to analyze real documents.