logo
Free PDF Check

Accounts Payable Fraud Detection API

Built for fraud ops at lending, insurance & compliance teams

Your AP pipeline processes thousands of invoices monthly. One altered bank detail routes a wire to a criminal. A single API call at document intake checks every inbound vendor PDF — before it reaches an approver — catching bank-detail swaps, forged W-9s, and BEC-modified invoices.

~3 sec
per document
59 checks
forensic layers
From $15
per month
1,500+
docs / month on Growth
Scope

HTPBE? analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t replace AP automation, OCR extraction, or three-way match workflows. We add the structural-integrity layer at document intake that reads the file itself, not the data extracted from it.

The problem

AP teams are the last line of defense against invoice fraud

AP automation and OCR read what’s on the page. Email-security filters catch malicious attachments and spoofed senders — they don’t inspect PDF structure. Three-way match ensures the amount matches the PO and receipt; it doesn’t catch a swapped bank account number.

Most BEC fraud ends with a swapped payment detail on an otherwise legitimate invoice. A vendor’s real invoice is intercepted, re-saved with a new IBAN or account number, and forwarded to the AP team. The PDF prints identically; the file structure records the edit.

FBI IC3 data shows $2.7 billion lost to BEC and invoice fraud annually. One in four finance teams reports a BEC incident each year. By the time the wire clears, the money is gone.

Common AP fraud patterns

  • Vendor invoice intercepted and re-saved with a new bank account or IBAN
  • Fraudulent W-9 impersonating a real vendor to redirect payments
  • Fabricated bank account change request claiming to come from a known supplier
  • Invoice amount or line items inflated before forwarding to AP queue
  • Supplier onboarding form forged to establish a fictitious vendor

What this looks like

Document fraud in 2026 — three concrete patterns

Three real fraud mechanics we catch at the structural PDF layer.

01

Vendor invoice intercepted and re-saved with a new bank account or IBAN

02

Fraudulent W-9 impersonating a real vendor to redirect payments

03

Fabricated bank account change request claiming to come from a known supplier

04

Invoice amount or line items inflated before forwarding to AP queue

05

Supplier onboarding form forged to establish a fictitious vendor

59 layers
Forensic checks per document
~3 sec
Median analysis time, end to end
From $15
Self-serve per month, no sales call

The detection gap

KYC platforms check the document. HTPBE? checks the file.

Two different checks — both matter.

KYC & identity platforms

Plaid · Persona · Alloy · Jumio

  • Is this a real bank statement template?
  • Does the account number match the identity?
  • Is the document format consistent with the issuing bank?

Detects fake documents. Does not detect edited real documents.

HTPBE? tamper detection API

Structural PDF integrity

  • Was this specific PDF file modified after it was generated?
  • Do metadata timestamps match the file structure?
  • Were digital signatures valid at the time of signing?

Catches edits invisible to visual review and template checks.

Results in under 3 seconds30 to 1,500+ documents/monthFrom $15/mo

What HTPBE? checks

What the API detects in AP documents

Five forensic layers analyzed on every inbound PDF — results in under 3 seconds

Incremental update trail

The primary marker of BEC and invoice tampering. Any save after the original vendor export creates a detectable update section in the PDF structure, even when the edit was one character.

Producer field mismatch

Authentic accounting software (QuickBooks, Xero, SAP, NetSuite) leaves a known producer signature. Re-saves through editors change it. A producer mismatch on an invoice from a vendor who “always uses QuickBooks” is an immediate flag.

Arithmetic reconciliation

Line-item totals, tax, and grand totals are checked for internal consistency across the invoice. One altered figure breaks the arithmetic chain.

Font and object layout consistency

Edited objects and injected text reveal themselves through font subset prefix shifts and object-number anomalies — invisible to the eye, readable in the file structure.

Digital signature bypass

If the original invoice was digitally signed, HTPBE? detects content added after signing at certainty-level confidence — the highest verdict available.

Multiple xref tables

An unmodified invoice from accounting software has one xref table. A second table means content was added after the original save — the structural signature of a bank-detail swap.

Share with engineering

Wire this into your intake pipeline in under a day

Two API calls — one POST to submit the PDF, one GET to retrieve the verdict. Forward this page to your engineering team; the full API reference, quotas, and copy-paste examples in cURL, JavaScript, Python, PHP, Go, and Ruby are one click away.

Full API reference for engineering

Pricing

Self-serve plans, no sales call

All plans include the same forensic checks. Pick the quota that matches your monthly document volume.

manual

Starter

$15/mo

30 checks/mo

Manual spot-checks and integration testing

most common

Growth

$149/mo

350 checks/mo

Active document processing pipelines

high volume

Pro

$499/mo

1,500 checks/mo

High-volume automation and API integrations

Enterprise (unlimited, on-premise available) see full pricing

Secure your workflowView API docs

API key on signup. Free test environment on every plan. No card required.

Customer Stories

Teams that stopped document fraud

Compliance, finance, and risk teams use HTPBE? to catch manipulated PDFs before they become costly mistakes.

Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.

Sarah M.

AP Manager

United States

We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.

Lars V.

Risk Analyst, Online Lending

Netherlands

Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.

Priya K.

HR Operations Lead

India

Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.

Julien R.

Fraud Analyst, Fintech

France

Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for checked originals when something is flagged. Already saved us from a few bad decisions.

Marta S.

Compliance Coordinator

Spain

One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.

Tariq A.

Finance Manager

United Arab Emirates

FAQ

Frequently asked questions

We already have AP automation with OCR. Why add this?

OCR extracts data; it doesn’t check the document wasn’t edited. The two are complementary — OCR feeds your AP workflow, HTPBE? confirms each PDF hasn’t been tampered with before the payment is approved.

Can HTPBE? block business email compromise (BEC)?

It closes the last-mile document attack. Most BEC fraud hinges on a swapped payment detail on an otherwise familiar invoice. HTPBE? detects the swap at the structural layer where visible appearance can’t hide it.

What’s the false-positive rate on legitimate vendor re-exports?

Legitimate re-exports from known accounting systems (QuickBooks, Xero, SAP, NetSuite) produce a clean producer signature with no incremental update trail — these return INTACT. Modifications after export are what get flagged.

Does this work with Coupa, Ariba, Tipalti, Bill.com, or our custom AP portal?

Yes. The API is stack-agnostic — any platform that accepts PDFs and can make an outbound HTTPS call can integrate via a pre-fraud detection hook.

Secure your workflow

Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.

Start free — close the structural fraud gapSee pricing
Read API docs →