logo

Tenant Screening Fraud Detection API

Fake proof-of-income is how bad tenants get keys. A single API call reveals whether a pay stub or bank statement was fabricated or edited — catching generator-tool output, inflated balances, and utility bill name swaps that visual review misses every day.

~3 sec
per document
36 checks
forensic layers
From $15
per month
1,500+
docs / month on Growth

Scope

HTPBE? analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t inspect holograms, phone photos, or ID biometrics. If your fraud problem is a digitally fabricated or edited income document, we’re the most specific tool for it.

Phone photos and scanned paper documents are outside scope — require digital PDF uploads for best results.

Fake proof-of-income passes visual review every day

A pay-stub generator produces a plausible-looking PDF in under a minute. The employer name, wage figure, and layout all look right. A leasing agent reviewing dozens of applications cannot tell the difference — the file structure can.

Fabricated pay stubs and doctored bank statements are the two most common income fraud vectors in rental applications. Eviction costs a property manager $3,500 or more on average — a number that dwarfs any lease payment the fraudulent tenant made.

Credit bureaus pull reported data; they don’t examine the PDF the applicant uploaded. Income-verification platforms that rely on bank connections only work when the applicant is willing to connect — the ones who forge documents rarely are. HTPBE operates on the file structure, covering utility bills and employment letters as well as income documents.

Common proof-of-income fraud patterns

  • Pay stub generated with an online pay-stub tool — no real employer behind it
  • Running balance edited on a bank statement to show padded savings
  • Legitimate utility bill with the name field replaced to establish residency
  • Real pay stub opened in a PDF editor with the salary figure inflated
  • Tax return modified to support a higher declared income

What the API detects in income documents

Five forensic layers analyzed on every request — results in under 3 seconds

Generator-tool producer signature

Real payroll systems (ADP, Workday, Paychex) produce recognizable producer signatures. Online pay-stub generators and editors leave different ones — immediately flagged.

Gross-to-net arithmetic

Pay stub math is checked against declared deductions. Generator-tool output usually fails this check — inflated gross pay does not reconcile with the stated net.

Running balance plausibility

Statement transaction rows are validated against the running balance column. Inserted credits break the arithmetic sequence and expose the edit.

Incremental update trail

Any post-export modification — even a single field change — creates a structural fingerprint in the xref table. HTPBE? counts update chain depth.

Text layer vs. raster mismatch

Replaced text in a rendered page causes the text and visual layers to disagree — a clean forensic signal that content was altered on top of an image.

Modification date inconsistency

PDF editors update the ModDate field automatically. A ModDate weeks after CreationDate on a pay stub is a direct tampering signal.

Built for property managers and PropTech platforms

Integrate into your application flow or use the free tool for manual checks

Catch pay stubs produced by generator tools before a lease is signed

Detect edited bank statements where balances were inflated after download

Flag utility bills where the name or address field was replaced

Identify pay stubs where declared salary does not reconcile with deductions

Integrate into any rental application flow via a single REST call

Free web tool lets leasing teams check suspicious documents without writing code

Five forensic layers, one deterministic verdict

Every PDF we receive passes through the same structural pipeline — no model training, no thresholds to tune.

01

Metadata analysis

Creation and modification timestamps, producer and creator fields, XMP metadata — the first layer exposes basic tampering.

02

File structure

Xref tables, trailer chain, incremental updates. Any edit after export leaves a structural fingerprint here.

03

Digital signatures

Signature chain integrity and post-signature modifications produce deterministic markers. Certainty-level signal.

04

Content integrity

Fonts, objects, embedded content, page assembly. Multi-session edits and inserted objects are visible at this layer.

05

Verdict with markers

Deterministic output: INTACT / MODIFIED / INCONCLUSIVE, with named markers for every finding — suitable for audit trail.

See the full 36-check breakdown

Customer Stories

Teams that stopped document fraud

Compliance, finance, and risk teams use HTPBE? to catch manipulated PDFs before they become costly mistakes.

Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.

Sarah M.

AP Manager

United States

We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.

Lars V.

Risk Analyst, Online Lending

Netherlands

Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.

Priya K.

HR Operations Lead

India

Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.

Julien R.

Fraud Analyst, Fintech

France

Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for verified originals when something is flagged. Already saved us from a few bad decisions.

Marta S.

Compliance Coordinator

Spain

One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.

Tariq A.

Finance Manager

United Arab Emirates

Integrate in minutes

Two calls: POST the PDF URL, then GET the forensic verdict. No SDK required.

Request

bash
curl -X POST https://api.htpbe.tech/v1/analyze \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://your-storage.com/applicant-paystub.pdf"}'

Result (GET /v1/result/{id})

json
{
  "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "status": "inconclusive",
  "modification_confidence": "none",
  "modification_markers": [],
  "creator": "Microsoft Word",
  "producer": "PDF Creator Pro",
  "creation_date": 1743465600,
  "modification_date": 1743465600,
  "has_digital_signature": false,
  "xref_count": 1,
  "has_incremental_updates": false
}

In the tenant screening context, inconclusive is itself a risk signal. A genuine pay stub from a real employer comes from payroll software — not from Microsoft Word or a generic PDF creator. When the producer field reveals a word processor or generic tool, the document warrants manual verification regardless of modification markers.

Pricing

Self-serve plans. No sales call, no procurement process.

Starter

$15/mo

30 checks/mo

Small landlords and independent property managers

Growth

$149/mo

350 checks/mo

Active property management companies

Pro

$499/mo

1,500 checks/mo

PropTech platforms and large REITs

Enterprise (unlimited, on-premise available) — see full pricing and docs

Secure your workflowView API docs

API key on signup. Free test environment on every plan. No card required.

Frequently Asked Questions

How does the API detect a fabricated pay stub?

HTPBE? analyzes the binary structure of the PDF — not the visual content. It checks the producer field against a database of known payroll systems, validates gross-to-net arithmetic, counts xref tables, and looks for incremental update records. These structural traces expose generator-tool output and manually edited documents even when they look identical to authentic pay stubs.

Can it catch pay stubs from online generator tools?

Yes. Online pay-stub generators produce PDFs with distinctive producer signatures, font subset patterns, and object layouts that differ from authentic payroll exports. The API cross-references against a database of 200+ known tools and flags non-authentic producers.

What does "inconclusive" mean for a pay stub?

An inconclusive verdict means the document was produced with consumer software (Microsoft Word, Google Docs, a generic PDF printer) rather than a real payroll system. The file lacks the institutional metadata that authentic payroll exports carry. In the tenant screening context this is a risk signal — legitimate pay stubs from established employers come from payroll software, not Word.

Can HTPBE integrate with AppFolio, Yardi, RealPage, or Buildium?

The API is stack-agnostic. Any platform that accepts uploaded PDFs and can make an outbound HTTPS call can integrate. Most teams wire it into their intake endpoint directly; middleware or Zapier also works.

Secure your workflow

Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.

Secure your workflowView API docs

Related: Bank statement fraud detection →

Integrate tenant screening document verification in any stack

Two API calls — submit the income document PDF, read the verdict. Copy-paste examples for cURL, JavaScript, Python, PHP, Go, and Ruby.

bash
# Step 1: Submit PDF for analysis
curl -X POST https://api.htpbe.tech/v1/analyze \
  -H "Authorization: Bearer htpbe_live_..." \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com/document.pdf"}'
# Returns: {"id":"3f9c8b7a-2e1d-4c5f-9b8e-7a6d5c4b3a21"}

# Step 2: Retrieve full results
ID="3f9c8b7a-2e1d-4c5f-9b8e-7a6d5c4b3a21"
curl -s "https://api.htpbe.tech/v1/result/$ID" \
  -H "Authorization: Bearer htpbe_live_..." \
  | jq '.status'