Document Forensics

Document Tampering & Manipulation Detection

Tampering, editing, and layout manipulation signals across images, screenshots, scans, and business files.

Fraud and risk teamsLegal and compliance reviewersInsurance claims handlersTrust & safety teams
4.9·132+ reviews

Check a document instantly

Upload a file to start verification.

Drag & drop your document

or click to browse

PNG, JPG, WebP, PDF · Max 10MB

Your file stays in your browser until you create an account and confirm your email. Originals are deleted after analysis.

Advanced Verification
Originals Deleted
Redacted Reports

TrueDoc ROI and performance stats

<120sForensic report
10× fasterFraud review
40+Fraud signals
8+ hrsSaved / 100 docs

Estimated savings based on replacing a 10–15 minute manual document review with automated TrueDoc analysis.

Built on Trusted AI Infrastructure
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic
Google Cloud
Gemini
OpenAI
Anthropic

Multi-layer forensic logic

Proprietary detection scans template variance, metadata drift, pixel-level retouching, and structural anomalies the human eye misses.

▸ Document Analysis · LiveID: 8829-XQ
Risk score: High · 94%Signals matched: 12,042

Metadata deep-dive

Inspects EXIF, software signatures, edit history, and structural fingerprints.

SoftwareAdobe Photoshop 2024
ModifiedDetected
Geo-tagMismatch

Privacy-first by design

Originals are processed in encrypted memory and removed after analysis. Reports stay redacted by default.

No training on your data
Team & admin controls
▸ 01 · The Problem

Why eyeballing a document no longer works

Tampering is broader than PDF object edits. Edits hide in pixel-level splices on images, layered overlays on scans, and re-screenshots that strip metadata.

TrueDoc's document tampering detection covers tampered, edited, and manipulated documents — IDs, financial files, contracts, screenshots, and scans — in a single forensic pipeline.

▸ 02 · Fraud Signals

What we look for

Cross-checked across 5+ vectors
▸ Primary signal

Pixel-level splices on identity, financial, and business documents

Detected at pixel + metadata + structural layers

Overlay edits on scans (numbers, names, dates)

Layered or composited screenshots

Re-encoded files that hide earlier edits

Metadata inconsistencies indicating later modification

What gets checked

IDs, passports, licenses
Bank statements, pay stubs, invoices, receipts
Contracts and supporting documents
Screenshots and scanned business files
▸ 03 · Workflow

From upload to verdict

01

Upload the file

PDF or image, up to 10MB.

02

Run multi-layer forensics

ELA, splice detection, copy-move, font/spacing consistency, and metadata analysis.

03

Combine signals

Tampering findings are reconciled with AI-generation and structural checks.

04

Decide

Approve, hold for review, or reject with evidence.

What is document tampering detection?

Document tampering detection is the practice of inspecting a document's pixels, structure, fonts, and metadata to decide whether it was edited, spliced, or manipulated after creation.

Traditional review compares what a document looks like against what it should look like. Modern document tampering detection adds layers humans can't do reliably: Error Level Analysis (ELA), copy-move and splice detection, font and kerning fingerprinting, PDF object inspection, and metadata edit-trail analysis.

TrueDoc combines all of those into one trust score so reviewers see a single verdict plus the underlying tampered document detection signals.

Common signs of document tampering

Pixel-level splices on identity, financial, and business documents — usually visible under ELA even when the rendered image looks clean.

Overlay edits on scans where numbers, names, or dates have been painted over the original content.

Layered or composited screenshots stitched from multiple sources to fabricate a single 'proof' image.

Re-encoded files that hide earlier edits by re-compressing the entire document.

Mismatched fonts, kerning, or row alignment in a single document — a strong edited document detection signal.

Metadata inconsistencies — Producer, Creator, ModDate, EXIF, XMP — that disagree with the document's claimed origin.

Metadata, layout, and visual inconsistency checks

Metadata fraud detection inspects PDF metadata, EXIF, XMP, and incremental-update chains for inconsistencies. Missing entries, modified ModDate values, and incremental updates that postdate the document's claimed origin are all surfaced as evidence.

Layout checks evaluate column alignment, table structure, and content placement against expected patterns for the document type — useful for catching document manipulation that is structurally inconsistent but visually plausible.

Visual inconsistency checks combine ELA, splice detection, copy-move analysis, and font fingerprinting into one tampered document detection layer. All three layers feed the same trust score and findings list.

Run a real document. Get a forensic verdict.

No credit card. Redacted report in under a minute.

▸ FAQ

Frequently asked questions