Free PDF Check

Rental Income Fraud Detection — the structural-PDF layer Snappt-style tools do not provide

Q: What does "inconclusive" mean for a pay stub?

An inconclusive verdict means the document was produced with consumer software (Microsoft Word, Google Docs, a generic PDF printer) rather than a real payroll system. The file lacks the institutional metadata that authentic payroll exports carry. In the tenant screening context this is a risk signal — legitimate pay stubs from established employers come from payroll software, not Word.

Built for fraud ops at lending, insurance & compliance teams

Property managers and PropTech platforms screen rental applications under FCRA — every adverse action has to stand up to a denial dispute. Visual review and Snappt-style content-verification miss the structural fingerprint of a real pay stub edited in a PDF tool. A single API call surfaces those edits with named markers an FCRA-compliant adverse-action letter can cite.

~3 sec

per document

59 checks

forensic layers

From $15

per month

1,500+

docs / month on Growth

Scope

HTPBE? analyzes the structural layer of the PDF file — the layer that records every edit, even invisible ones. We don’t inspect holograms, phone photos, or ID biometrics. If your fraud problem is a digitally fabricated or edited income document, we’re the most specific tool for it.

Phone photos and scanned paper documents are outside scope — require digital PDF uploads for best results.

The problem

Why rental income fraud bypasses Snappt-style verifications

Snappt-style platforms verify the content of an income document — the employer name, the wage figure, the math — against expected patterns. A real pay stub from a real employer, opened in a PDF editor and re-saved with one figure changed, still passes content review: the formatting is right, the math reconciles after both gross and net are nudged. The structural fingerprint of the editing session lives in the file, not on the page.

Fabricated pay stubs and doctored bank statements are the two most common rental-income-fraud vectors. Eviction costs a property manager $3,500 or more on average — a number that dwarfs any lease payment the fraudulent tenant ever paid.

Open-banking income vendors only work when the applicant connects the bank — the applicants who forged the pay stub rarely do. HTPBE? operates on the binary structure of the PDF the applicant actually uploaded, covering utility bills and employment letters as well as income documents — standalone, no bank-connect consent required.

Common proof-of-income fraud patterns

Pay stub generated with an online pay-stub tool — no real employer behind it
Running balance edited on a bank statement to show padded savings
Legitimate utility bill with the name field replaced to establish residency
Real pay stub opened in a PDF editor with the salary figure inflated
Tax return modified to support a higher declared income

What this looks like

Document fraud in 2026 — three concrete patterns

Three real fraud mechanics we catch at the structural PDF layer.

Pay stub generated with an online pay-stub tool — no real employer behind it

Running balance edited on a bank statement to show padded savings

Legitimate utility bill with the name field replaced to establish residency

Real pay stub opened in a PDF editor with the salary figure inflated

Tax return modified to support a higher declared income

59 layers

Forensic checks per document

~3 sec

Median analysis time, end to end

From $15

Self-serve per month, no sales call

The detection gap

KYC platforms check the document. HTPBE? checks the file.

Two different checks — both matter.

KYC & identity platforms

Plaid · Persona · Alloy · Jumio

Is this a real bank statement template?
Does the account number match the identity?
Is the document format consistent with the issuing bank?

Detects fake documents. Does not detect edited real documents.

HTPBE? tamper detection API

Structural PDF integrity

Was this specific PDF file modified after it was generated?
Do metadata timestamps match the file structure?
Were digital signatures valid at the time of signing?

Catches edits invisible to visual review and template checks.

Results in under 3 seconds·30 to 1,500+ documents/month·From $15/mo

What HTPBE? checks

What the API detects in income documents

Five forensic layers analyzed on every request — results in under 3 seconds

Generator-tool producer signature

Real payroll systems (ADP, Workday, Paychex) produce recognizable producer signatures. Online pay-stub generators and editors leave different ones — immediately flagged.

Gross-to-net arithmetic

Pay stub math is checked against declared deductions. Generator-tool output usually fails this check — inflated gross pay does not reconcile with the stated net.

Running balance plausibility

Statement transaction rows are validated against the running balance column. Inserted credits break the arithmetic sequence and expose the edit.

Incremental update trail

Any post-export modification — even a single field change — creates a structural fingerprint in the xref table. HTPBE? counts update chain depth.

Text layer vs. raster mismatch

Replaced text in a rendered page causes the text and visual layers to disagree — a clean forensic signal that content was altered on top of an image.

Modification date inconsistency

PDF editors update the ModDate field automatically. A ModDate weeks after CreationDate on a pay stub is a direct tampering signal.

Share with engineering

Wire this into your intake pipeline in under a day

Two API calls — one POST to submit the PDF, one GET to retrieve the verdict. Forward this page to your engineering team; the full API reference, quotas, and copy-paste examples in cURL, JavaScript, Python, PHP, Go, and Ruby are one click away.

Full API reference for engineering

Pricing

Self-serve plans, no sales call

All plans include the same forensic checks. Pick the quota that matches your monthly document volume.

manual

Starter

$15/mo

30 checks/mo

Manual spot-checks and integration testing

most common

Growth

$149/mo

350 checks/mo

Active document processing pipelines

high volume

Pro

$499/mo

1,500 checks/mo

High-volume automation and API integrations

Enterprise (unlimited, on-premise available) — see full pricing

Secure your workflow View API docs

API key on signup. Free test environment on every plan. No card required.

Customer Stories

Teams that stopped document fraud

Compliance, finance, and risk teams use HTPBE? to catch manipulated PDFs before they become costly mistakes.

Caught an invoice where the total had been changed by less than a thousand dollars. Without this I would have approved it without a second look.

Sarah M.

AP Manager

United States

We had three applicants in the same week with bank statements that looked completely fine. Two of them were flagged as modified. You simply cannot see this by reading the document — it is in the file structure.

Lars V.

Risk Analyst, Online Lending

Netherlands

Salary slips were coming with altered figures. We identified two problematic files before the placement was finalised.

Priya K.

HR Operations Lead

India

Since we started checking documents this way, we stopped two applications early in the process that would have been very difficult to reverse later.

Julien R.

Fraud Analyst, Fintech

France

Some applicants were sending PDFs that looked authentic but had been edited in ways not visible to the eye. We now ask for checked originals when something is flagged. Already saved us from a few bad decisions.

Marta S.

Compliance Coordinator

Spain

One invoice was caught because there was a mismatch between the document dates and structure. That particular case would have cost us significantly.

Tariq A.

Finance Manager

United Arab Emirates

FAQ

Frequently asked questions

How does the API detect a fabricated pay stub?

HTPBE? analyzes the binary structure of the PDF — not the visual content. It checks the producer field against a database of known payroll systems, validates gross-to-net arithmetic, counts xref tables, and looks for incremental update records. These structural traces expose generator-tool output and manually edited documents even when they look identical to authentic pay stubs.

Can it catch pay stubs from online generator tools?

Yes. Online pay-stub generators produce PDFs with distinctive producer signatures, font subset patterns, and object layouts that differ from authentic payroll exports. The API cross-references against a database of 200+ known tools and flags non-authentic producers.

What does "inconclusive" mean for a pay stub?

An inconclusive verdict means the document was produced with consumer software (Microsoft Word, Google Docs, a generic PDF printer) rather than a real payroll system. The file lacks the institutional metadata that authentic payroll exports carry. In the tenant screening context this is a risk signal — legitimate pay stubs from established employers come from payroll software, not Word.

Can HTPBE? integrate with AppFolio, Yardi, RealPage, or Buildium?

The API is stack-agnostic. Any platform that accepts uploaded PDFs and can make an outbound HTTPS call can integrate. Most teams wire it into their intake endpoint directly; middleware or Zapier also works.

Secure your workflow

Create your account — API key on signup, free test environment on every plan.
From $15/mo. No sales call. Cancel any time.

Start free — close the structural fraud gap See pricing

Read API docs →