Fake proof-of-income is how bad tenants get keys
Fabricated pay stubs and doctored bank statements pass a visual review every day. The eviction costs more than any lease payment. Structural PDF forensics catches what the eye can’t.
HTPBE analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t inspect holograms, phone photos, or ID biometrics. If your fraud problem is a digitally altered PDF, we’re the most specific tool for it.
One REST call, one deterministic verdict
Upload the PDF. The API returns INTACT, MODIFIED, or INCONCLUSIVE with named markers — in about three seconds.
Tenant Screening document fraud in 2026
Three real fraud mechanics we catch at the structural PDF layer.
Fabricated pay stubs
A pay-stub generator produces a PDF with a plausible employer and inflated income. The file structure doesn’t match any real payroll system.
Inflated bank statement balances
Running balance edited to show padded savings or higher deposits. Incremental update markers and arithmetic checks expose the change.
Utility bill name swap
A legitimate utility bill with the name field replaced to establish residency fraud. Font metrics and object layout reveal the substitution.
The scale of the problem
The verification gap
KYC platforms verify the document. HTPBE verifies the file.
Two different checks — both matter.
Credit bureaus pull reported data; they don’t examine the PDF the applicant uploaded. Income-verification platforms that rely on bank connections work only when the applicant is willing to connect — the ones who forge documents rarely are. Visual review by a leasing agent cannot detect a well-made fabrication. HTPBE operates on the file structure, independent of visual rendering.
Five forensic layers, one deterministic verdict
Every PDF we receive passes through the same structural pipeline — no model training, no thresholds to tune.
Metadata analysis
Creation and modification timestamps, producer and creator fields, XMP metadata — the first layer exposes basic tampering.
File structure
Xref tables, trailer chain, incremental updates. Any edit after export leaves a structural fingerprint here.
Digital signatures
Signature chain integrity and post-signature modifications produce deterministic markers. Certainty-level signal.
Content integrity
Fonts, objects, embedded content, page assembly. Multi-session edits and inserted objects are visible at this layer.
Verdict with markers
Deterministic output: INTACT / MODIFIED / INCONCLUSIVE, with named markers for every finding — suitable for audit trail.
PDF document types we verify for tenant screening
Every type listed below is analyzed at the structural file layer — not the rendered image.
Detection capabilities
Deterministic structural signals. No probabilistic scores, no model training.
Gross-to-net arithmetic
Pay stub math is checked against declared deductions. Generator-tool output usually fails this check.
Running balance plausibility
Statement transaction rows are validated against the running balance column — inserted credits break the sequence.
Producer field validation
Authentic payroll and bank exports have known producer signatures. Generator tools and editors leave different ones.
Text layer vs. raster mismatch
Replaced text in a rendered page causes the text and visual layers to disagree — a clean forensic signal.
Incremental update detection
Any post-export modification creates a structural trail, even when the change is a single field.
Customer Stories
Teams that stopped document fraud
Compliance, finance, and risk teams use HTPBE to catch manipulated PDFs before they become costly mistakes.
Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.
Sarah M.
AP Manager
United States
We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.
Lars V.
Risk Analyst, Online Lending
Netherlands
Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.
Priya K.
HR Operations Lead
India
Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.
Julien R.
Fraud Analyst, Fintech
France
Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for verified originals when something is flagged. Already saved us from a few bad decisions.
Marta S.
Compliance Coordinator
Spain
One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.
Tariq A.
Finance Manager
United Arab Emirates
Frequently asked questions
Snappt focuses on document-level classification and has a large property-manager footprint. HTPBE is a developer API with structural PDF forensics — designed to plug into rental platforms, tenant-screening services, and PropTech products rather than replace a screening workflow. If you’re building screening software, we’re the lower-level layer you integrate.
Yes. Structural analysis is format-agnostic — it reads the PDF’s internal layers regardless of the payroll system or country. Any digital PDF works.
Outside scope. A phone photo is a raster image, not a PDF with a file structure. If applicants submit photos or scanned images, the method cannot evaluate authenticity. Require digital PDF uploads for best results.
The API is stack-agnostic. Any platform that accepts uploaded PDFs and can make an outbound HTTPS call can integrate. Middleware or Zapier works; most teams wire it into their intake endpoint directly.
Related solutions and guides
Alternative Lending
Pay stub and bank statement forensics — same document set, lender angle.
Mortgage Underwriting
Income document integrity in mortgage origination — W-2s, tax returns, asset statements.
Bank Statement Fraud Detection
Technical explainer of bank statement tampering patterns.
Secure your workflow
Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.