Fake Super Statement Detection — Catch Edited AU Statements
A super statement balance can be edited in five minutes — and most reviewers will not notice. Property managers ask for super statements as backup income proof. Lenders use them as asset evidence. Visa applicants attach them as savings demonstrations. The fund-issued PDF is treated as authoritative, but the AustralianSuper, AwareSuper, HostPlus, REST, or Cbus original can be opened in any PDF editor, the balance bumped, and re-exported. The visual is unchanged. The file structure is not.
htpbe? analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t inspect holograms, phone photos, or ID biometrics. If your fraud problem is a digitally altered or fabricated super statement, we’re the most specific tool for it.
When htpbe? returns INCONCLUSIVE on a super statement, that’s itself a fraud signal in this context — real fund-portal exports always carry the fund’s institutional producer signature, never a desktop tool.
One REST call, one deterministic verdict
Upload the PDF. The API returns INTACT, MODIFIED, or INCONCLUSIVE with named markers — in about three seconds.
How fake and tampered super statements actually look
Three real fraud mechanics we catch at the structural PDF layer.
Balance edited after fund download
Authentic super statement from the fund portal opens in any PDF editor. Balance bumped from $42,000 to $142,000. Exported as PDF. Producer field changes from the fund’s document engine to whichever editor was used. Visual page renders identically; structural metadata flips.
Statement fabricated in Word from a template
A template lifted from a fund’s public sample, populated with the user’s name and a desired balance, exported. Producer is Microsoft Word; the structured fund metadata authentic statements carry is missing entirely.
Real statement with edited contribution history
Genuine fund statement with the contribution history rewritten to show consistent employer payments where there were gaps. Incremental update markers in the xref chain expose the post-issuance edit.
The scale
Why your existing checks miss this
AUSfund APIs verify the fund. They do not verify the file.
And applicants who edited the statement rarely consent to fund-side verification.
Funds operate their own portals; aggregators (Basiq, Frollo, Illion) handle Open Banking-style asset verification — but only when the applicant agrees to connect. Applicants who edited the file rarely do. AUSfund and ATO super lookups are not accessible to private property managers or lenders. htpbe? catches the super statement the applicant uploaded, regardless of whether fund-side or aggregator access is available — standalone, no fund API, no ATO lookup.
Five forensic layers, one deterministic verdict
Every PDF we receive passes through the same structural pipeline — no model training, no thresholds to tune.
Metadata analysis
Creation and modification timestamps, producer and creator fields, XMP metadata — the first layer exposes basic tampering.
File structure
Xref tables, trailer chain, incremental updates. Any edit after export leaves a structural fingerprint here.
Digital signatures
Signature chain integrity and post-signature modifications produce deterministic markers. Certainty-level signal.
Content integrity
Fonts, objects, embedded content, page assembly. Multi-session edits and inserted objects are visible at this layer.
Verdict with markers
Deterministic output: INTACT / MODIFIED / INCONCLUSIVE, with named markers for every finding — suitable for audit trail.
Super statements and adjacent AU asset PDFs we check
Every type listed below is analyzed at the structural file layer — not the rendered image.
Detection capabilities
Deterministic structural signals. No probabilistic scores, no model training.
Producer signature on the statement
Authentic super statements come from fund document systems — recognisable producer signatures specific to AustralianSuper, AwareSuper, HostPlus, REST, Cbus, Australian Retirement Trust, UniSuper, and other major funds. When the producer is Microsoft Excel, Word, LibreOffice, Chrome Headless, or a generic PDF library, the document was edited or fabricated on a desktop.
Incremental update trail
A clean fund export has one cross-reference table. Re-saves through Excel or PDF editors append a second xref — visible structural evidence of post-export editing.
Balance and contribution arithmetic
Line arithmetic across the statement (opening balance → contributions → returns → fees → closing balance) is verified row by row. Edited closing balances break the chain unless every dependent field is also adjusted.
Modification timestamp gap
A real statement issued in July has CreationDate ≈ ModDate in July. A six-month gap on a "freshly issued" statement is a high-confidence flag for post-export editing.
Font subset divergence across pages
Multi-session edits or page reassembly leave font subset prefix shifts. Single-session legitimate fund exports have consistent subsets across all pages.
Image-stream artefacts in fabricated headers
Fabricated statements often paste fund logos lifted from the fund’s site. The pasted image stream carries different compression characteristics than authentic embedded headers — a structural fingerprint.
Two HTTP calls to verify any super statement
Buyers can skip this section — developers, the integration is two HTTP calls.
Step 1 — submit the PDF
curl -X POST https://api.htpbe.tech/v1/analyze \
-H "Authorization: Bearer $HTPBE_API_KEY" \
-H "Content-Type: application/json" \
-d '{"url": "https://your-storage/applicant-super-statement.pdf"}'Step 2 — read the verdict
{
"id": "s1u2p3e4-5r6s-7t8u-9v0w-x1y2z3a4b5c6",
"status": "modified",
"modification_confidence": "high",
"modification_markers": [
"Spreadsheet producer detected (Microsoft Excel)",
"Two cross-reference tables — incremental update",
"Closing balance arithmetic does not reconcile"
],
"producer": "Microsoft Excel",
"creator": "AustralianSuper Member Portal (original)",
"creation_date": 1689638400,
"modification_date": 1707350400,
"has_digital_signature": false,
"xref_count": 2,
"has_incremental_updates": true
}Original came from the AustralianSuper Member Portal. Then six months later it was opened in Microsoft Excel and re-saved — adding a second xref table. The closing balance no longer reconciles with opening + contributions + returns − fees. Verdict: modified at high confidence. The applicant edited the balance after fund issuance.
Customer Stories
Teams that stopped document fraud
Compliance, finance, and risk teams use htpbe? to catch manipulated PDFs before they become costly mistakes.
Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.
Sarah M.
AP Manager
United States
We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.
Lars V.
Risk Analyst, Online Lending
Netherlands
Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.
Priya K.
HR Operations Lead
India
Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.
Julien R.
Fraud Analyst, Fintech
France
Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for verified originals when something is flagged. Already saved us from a few bad decisions.
Marta S.
Compliance Coordinator
Spain
One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.
Tariq A.
Finance Manager
United Arab Emirates
Frequently asked questions
inconclusive — institutional metadata is gone because the scanner authored a fresh PDF. Treat inconclusive on a super statement as a prompt for manual review or a request for the original PDF download from the fund portal.Related solutions and guides
Tenant Screening
Income + asset document forensics for AU property managers and tenant-referencing platforms.
Xero Payslip Fraud Detection
Sister page — same forensics for Xero-generated payslips, often submitted alongside super.
MYOB Payslip Fraud Detection
Sister page — same forensics for MYOB-generated AU payslips.
Fake NDIS Document Detection
NDIS worker document forensics — same Australian compliance and workforce cluster.
Secure your workflow
Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.