The bank statement your underwriter approved may have been edited after download
Alternative lenders, MCA providers, and BNPL platforms live on income documents. Plaid connects to the bank; it doesn’t see the PDF an applicant uploaded. HTPBE verifies the file structure itself.
HTPBE analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t inspect holograms, phone photos, or ID biometrics. If your fraud problem is a digitally altered PDF, we’re the most specific tool for it.
One REST call, one deterministic verdict
Upload the PDF. The API returns INTACT, MODIFIED, or INCONCLUSIVE with named markers — in about three seconds.
Alternative Lending document fraud in 2026
Three real fraud mechanics we catch at the structural PDF layer.
Altered bank statements
Running balances and transaction amounts edited to inflate deposits or hide overdrafts. The PDF looks like the one the bank issued — the file structure shows an incremental update trail.
Fabricated pay stubs
Gross pay, net pay, or employer details regenerated through a pay-stub generator or re-saved after edit. Producer fields, font subsets, and object layout don’t match authentic payroll exports.
Manipulated tax returns
Annual income and deduction figures modified to support a larger borrowing request. Table arithmetic and form-field metadata expose the change even when the visual layout is perfect.
The scale of the problem
The verification gap
KYC platforms verify the document. HTPBE verifies the file.
Two different checks — both matter.
Plaid and Finicity connect to the bank and return transaction data from the source. They can’t tell you whether the PDF an applicant uploaded matches that source. KYC platforms (Persona, Alloy, Onfido) verify the person, not the paperwork behind them. Manual review catches obvious fakes; it misses edits invisible to the eye. HTPBE fills the structural PDF layer those tools don’t provide — and it works standalone, with no original document required for comparison.
Five forensic layers, one deterministic verdict
Every PDF we receive passes through the same structural pipeline — no model training, no thresholds to tune.
Metadata analysis
Creation and modification timestamps, producer and creator fields, XMP metadata — the first layer exposes basic tampering.
File structure
Xref tables, trailer chain, incremental updates. Any edit after export leaves a structural fingerprint here.
Digital signatures
Signature chain integrity and post-signature modifications produce deterministic markers. Certainty-level signal.
Content integrity
Fonts, objects, embedded content, page assembly. Multi-session edits and inserted objects are visible at this layer.
Verdict with markers
Deterministic output: INTACT / MODIFIED / INCONCLUSIVE, with named markers for every finding — suitable for audit trail.
PDF document types we verify for alternative lending
Every type listed below is analyzed at the structural file layer — not the rendered image.
Detection capabilities
Deterministic structural signals. No probabilistic scores, no model training.
Running balance plausibility
Row-by-row arithmetic checks across statement transactions flag inserted credits and removed debits.
Incremental update trail
Every edit after the original export leaves an xref table and trailer chain fingerprint. We read it directly.
Producer and creator consistency
Genuine bank exports come from a known producer. Re-saves through editors, browsers, or online tools change this signature.
Gross-to-net arithmetic on pay stubs
We verify that deductions reconcile with gross pay — a check most generator tools fail.
PDF text layer vs. raster layer mismatch
Some forgers replace text in a rendered image. The text and visual layers stop agreeing.
Font subset divergence
Multi-session edits produce page-to-page font subset prefix changes — invisible to readers, obvious to structural analysis.
Customer Stories
Teams that stopped document fraud
Compliance, finance, and risk teams use HTPBE to catch manipulated PDFs before they become costly mistakes.
Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.
Sarah M.
AP Manager
United States
We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.
Lars V.
Risk Analyst, Online Lending
Netherlands
Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.
Priya K.
HR Operations Lead
India
Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.
Julien R.
Fraud Analyst, Fintech
France
Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for verified originals when something is flagged. Already saved us from a few bad decisions.
Marta S.
Compliance Coordinator
Spain
One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.
Tariq A.
Finance Manager
United Arab Emirates
Frequently asked questions
Yes. Adobe Acrobat edits leave an incremental update section in the PDF’s xref table. The structural analysis detects the update chain and flags modification even when the visible content looks identical to the original.
Plaid connects to the bank directly and returns transaction data from the source. It does not examine the PDF the applicant uploaded. HTPBE reads the uploaded PDF’s file structure and tells you whether it was edited after the bank issued it. The two are complementary — Plaid verifies the account, HTPBE verifies the document.
Yes. HTPBE performs standalone structural analysis of the submitted PDF. It doesn’t need a reference copy or a hash from the issuing bank — the forensic signals are inside the file itself.
Any digital PDF up to 10 MB. We verify PDFs produced by bank portals, neo-banks, and business banking platforms worldwide. Scanned paper statements and phone photos are outside scope — our method operates on the PDF’s file structure, not its visual rendering.
Related solutions and guides
Mortgage Underwriting
The same income-document forensics, applied to W-2s, tax returns, and asset statements in the mortgage origination pipeline.
Tenant Screening
Payslip and bank-statement fraud in rental applications, verified before lease signing.
Bank Statement Fraud Detection
Deep dive into the structural markers that expose edited bank statements — technical overview for developers and risk engineers.
Secure your workflow
Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.