PDF Certificate Verification API
Detect fake diplomas, forged professional credentials, and altered certificates of completion. One API call surfaces forensic evidence of PDF modification — before a candidate is hired.
Credential fraud is an unsolved problem in hiring
Research from the University of Portsmouth estimates that recruitment fraud costs UK employers £24 billion annually. In the United States, studies indicate that roughly 40% of resumes contain some form of misrepresentation, and fake credentials are the fastest-growing category.
The core problem is that PDF certificates look authentic when fraudulently modified. Free tools like iLovePDF, SmallPDF, and Adobe Acrobat can change any text in a PDF in under two minutes. The resulting file is visually indistinguishable from the original — but the binary structure tells a different story.
HTPBE does not compare against a database. It analyzes the PDF’s own internal structure for signs of post-issuance modification, which means it works even for certificates from obscure or international institutions where no database record exists.
Most common certificate modifications
- Name field changed to the applicant’s name
- Graduation year changed from fail to pass
- Grade or GPA altered
- Issuing institution name changed
- Certificate date changed to appear more recent
- Real certificate of a different person reused
Forensic signals analyzed in every certificate
No original document required — analysis is fully self-contained
Institutional producer check
Legitimate certificates from universities and professional bodies are generated by institutional document systems. A producer field showing “iLovePDF” or “PDF24” means the certificate was processed by an editing tool after issuance.
Incremental update detection
When a text field in a PDF is edited, the change is appended as an incremental update rather than rewriting the file. HTPBE counts update chain length — genuine certificates have none.
Multiple xref tables
Each editing session adds a new cross-reference table to the PDF. A certificate with multiple xref tables was almost certainly modified after it was originally generated.
Modification date analysis
A certificate’s ModDate should equal its CreationDate if unmodified. A gap of months or years between creation and modification is a primary forgery signal.
Digital signature validation
Accredited institutions often digitally sign certificates. If a signature exists and content was modified after signing, HTPBE returns “modified” with “certain” confidence.
Font and object consistency
Text substitutions in PDF certificates often introduce font subsets that were not part of the original document. HTPBE’s content analysis layer detects inconsistent object origins.
For HR teams and background check platforms
From manual review to automated screening at any scale
Detect when a genuine certificate PDF was edited to change names, grades, or dates
Identify certificates generated by unofficial PDF tools rather than institutional systems
Flag producer/creator mismatches — Microsoft Word output re-processed by an online editor
Catch incremental updates that indicate post-issuance content changes
Integrate into your ATS, HRIS, or background check workflow via REST API
Scale from manual spot-checks to automated screening of thousands of applicants
Integrate in minutes
Two calls: POST the PDF URL, then GET the forensic verdict. No SDK, no training data.
Request
curl -X POST https://api.htpbe.tech/v1/analyze \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"url": "https://your-storage.com/diploma-john-doe.pdf"}'Result (GET /v1/result/{id})
{
"id": "3f9c8b7a-2e1d-4c5f-9b8e-7a6d5c4b3a21",
"status": "modified",
"modification_confidence": "high",
"modification_markers": [
"Known PDF editing tool detected",
"Different creation and modification dates"
],
"creator": "Microsoft Word",
"producer": "iLovePDF",
"creation_date": 1684141200,
"modification_date": 1725370920,
"has_digital_signature": false,
"xref_count": 2,
"has_incremental_updates": true
}What “inconclusive” means for certificates: Certificates generated by consumer desktop tools (Microsoft Word, Google Docs exported to PDF) return inconclusive because their internal structure cannot verify integrity. This is itself a signal — legitimate institutional certificates are not generated by Word. Use it as a prompt for manual review.
Pricing
Self-serve plans. No sales call, no procurement process.
Starter
$15/mo
30 checks/mo
Manual verification for small hiring teams
Growth
$149/mo
350 checks/mo
Recruiting teams screening daily applicants
Pro
$499/mo
1,500 checks/mo
Background check platforms and staffing agencies
Enterprise (unlimited, on-premise available) — see full pricing and docs
Frequently Asked Questions
How does it detect a fake diploma without the original?
HTPBE analyzes the internal structure of the PDF — not its visual appearance. Legitimate certificates from universities and professional bodies are generated by institutional document systems. If the file was later opened in iLovePDF, SmallPDF, or Adobe Acrobat and edited, it leaves structural traces: additional xref tables, incremental update records, and a modification date gap. No comparison to an original document is required.
Does it work for certificates from any country?
Yes. The analysis is purely structural — it reads the binary structure of the PDF file, not the text content or template layout. It works for certificates from any institution in any country and in any language. The only requirement is a publicly accessible URL to the PDF file.
What does "inconclusive" mean for a certificate?
A verdict of inconclusive means the certificate was created with consumer software: Microsoft Word, Google Docs, or a desktop PDF printer. These tools do not embed institutional metadata, so structural integrity cannot be verified. For certificates, this verdict is particularly significant — legitimate university diplomas and professional accreditations are not generated by Word. Treat inconclusive as a prompt for manual verification.
Can it detect AI-generated fake certificates?
Partially. If an AI-generated certificate PDF was created from scratch using a PDF library (jsPDF, ReportLab), HTPBE may return inconclusive because it was never "modified" — it was fabricated as a new file. However, the producer and creator fields in the response will reveal the generation tool, which is a risk signal for certificates that should come from institutional systems. Many AI-generated fakes are also subsequently edited, which adds detectable structural markers.
Also see: PDF verification for Healthcare →
Automate PDF Verification in Your Workflow
REST API with transparent pricing from $15/mo. Self-serve — no sales call required.
Free web tool available for manual checks. Test keys on all plans.