Can I check bank statements submitted by loan applicants?

If your document was issued by a real institution — a state register, a court, a bank, a payroll system — and HTPBE? returns INCONCLUSIVE instead of INTACT, that does not mean the document is forged. It means HTPBE? cannot structurally prove that the file was not modified after creation. The document may well be genuine; the verdict reflects the limits of structural analysis, not the document itself.

Why a clean file can still be inconclusive

HTPBE? promises only one thing: detect post-creation modification of the PDF file. To say INTACT we need positive evidence that the file is structurally indistinguishable from the moment it was generated. That evidence does not exist when the document was produced by a tool that anyone can install or use:

• HTML-to-PDF renderers — wkhtmltopdf, Chrome / Chromium print-to-PDF (Skia/PDF), Headless Chrome, Puppeteer, Playwright, WeasyPrint, Prince. A government registry that serves PDFs through wkhtmltopdf produces output that is byte-for-byte reproducible by anyone with the same template and the same wkhtmltopdf build.
• Consumer office software — Microsoft Word, LibreOffice, Pages, Google Docs “Download as PDF”, generic print-to-PDF drivers. The same software that an institution might use is freely available to a forger.
• Online PDF editors and converters — iLovePDF, Smallpdf, PDF24, ILovePDF, Sejda. These services strip original metadata as part of their normal pipeline, so the provenance of any document that passed through them is gone.
• Scanned images — a PDF that contains only raster pages (photos or scans) and no selectable text. Anyone can print a document, alter the printout, and re-scan it. The scanner has no way to record “this is the original physical paper that left the issuer’s office.”
• Filled-in PDF forms — Acrobat’s “Fill & Sign”, online form fillers. Filling a form is a legitimate edit, but at the file level it is indistinguishable from a malicious edit, so we do not call the result intact.
• Unverifiable metadata — the producer or creator field is missing, blank, or stripped, leaving nothing for the engine to compare against known institutional patterns.

In every category the same logic applies: the production tool is public, the output is reproducible, and there is no cryptographic anchor (a digital signature, an issuer’s certificate) that ties the file to a specific source. We refuse to call that file INTACT because doing so would let forgers run the same public tool and inherit a green check.

What you should do with an inconclusive verdict

• Get the document from the source. If it is a state-register extract, download it yourself directly from the registry. If it is a bank statement, log in to the bank and re-download the original. A copy received from a third party is the part of the chain you cannot trust; replacing it with a fresh copy from the issuer eliminates the question.
• Look for a digital signature. Many institutional PDFs (court filings, EU eIDAS-compliant invoices, tax filings) carry a cryptographic signature from the issuer. If the signature is present and validates, that is far stronger evidence of authenticity than any structural analysis.
• Use the issuer’s official verification API or portal when one exists. Government registers, eInvoicing networks, and academic credentialing bodies often expose a query interface that returns the canonical record by document number.
• Check the visible content yourself. Compare names, dates, amounts, registration numbers against your own records or a trusted directory. HTPBE? does not read content — it cannot tell you whether the values printed on the page are the values the issuer originally produced.

What HTPBE? does well, and where it stops

HTPBE? is built to catch the most common attack: a contractor or counterparty receives a legitimate institutional document, opens it in an editor, changes a number or a name, and forwards the modified file. That category leaves structural fingerprints — multiple xref tables, mismatched generator strings, font-subset divergence, signature-coverage gaps — and HTPBE? is designed to surface them as MODIFIED.

What HTPBE? cannot do is verify fabricated-from-scratch documents. A forger who builds a counterfeit registry extract from scratch in wkhtmltopdf produces a structurally clean file. That is exactly the case we mark INCONCLUSIVE rather than INTACT: structural cleanliness is not authenticity, and we will not pretend otherwise.

For details on the categories themselves, see Can someone create a fake document from scratch? and How HTPBE? determines whether a PDF was modified.

Payment confirmation fraud is a real problem in online transactions. When someone sends you a PDF screenshot or receipt as “proof of payment”, it could have been digitally edited to fake the transaction details.

Common fraud scenarios:

• Marketplace sellers: A buyer sends a fake payment confirmation to receive goods before actually paying
• Freelancers: A client shows an edited bank transfer screenshot claiming payment was sent
• Rental/accommodation: A tenant provides a modified payment receipt to avoid actual payment
• Online businesses: Customers submit altered invoices or receipts to claim refunds or discounts
• Peer-to-peer transactions: Someone shows fake payment proof to receive goods or services

How HTPBE? helps: By checking if the PDF has been modified, you can quickly identify suspicious payment confirmations. If a payment screenshot shows as “modified” in our analysis, it’s a red flag that the document may have been tampered with.

Important: Always check payment through your actual bank account or payment platform. HTPBE? is an additional fraud-detection tool, not a replacement for checking your real account balance.

Our PDF modification detection system provides high accuracy through multi-layer analysis combining metadata validation, structural analysis, and signature verification. The accuracy depends on several factors: the quality of PDF metadata, the sophistication of modification attempts, and the PDF creation tools used.

Results come in three states: Intact (no signs of modification found), Modified (modification detected), and Cannot Determine (the PDF was created with consumer software such as Microsoft Word or LibreOffice — integrity analysis does not apply to documents created with these tools).

There is one fundamental limitation to understand: the tool detects post-creation modifications, not fabricated content. If someone creates a fake invoice or certificate from scratch in Word and exports it to PDF, that PDF will show as Intact — because it was never modified after creation. The check only tells you whether the file was changed after it was generated, not whether the data inside it is truthful. See Can someone create a fake document from scratch? for details.

For critical decisions, we recommend using this tool as part of a broader fraud-detection strategy rather than relying solely on automated results.