Catching document fraud with Photoshop detection and EXIF analysis

Catching document fraud with Photoshop detection and EXIF analysis

Did you know that document fraud is the largest criminal activity in the world? According to Info Security, document fraud is costing the global economy £3.2 trillion annually, and it keeps growing every day.

As a business, it is therefore vital to have systems in place to ensure the security of information and to maintain the integrity of data. With the latest developments in artificial intelligence, this has come within everyone’s reach. Smart, computerized systems provide opportunities to protect yourself against document fraud and fight the occurrence of this practice.

In this blog, we will start by analyzing fraud in today’s business environment, then discuss the most common types of fraud, and finally, show how Klippa can help you to detect document fraud in real time.

How big is document fraud in today’s business environment?

Nowadays, we live in a connected age in which most of our documentation is digital. With our documentation floating around the Web with little to no protection, it surges the need to protect our data.

Pretty much all industries require customers or clients to use official documents, like passports, for financial transfers and identity verification. These documents can easily be manipulated (identity fraud is the biggest type of fraud), so it is extremely important to have safeguards in place in order to catch and prevent fraud in the earliest stage possible. 

What are the most common types of fraud?

Document fraud can occur in a variety of ways and across different document types, from invoices and receipts to contracts and identity documents. 

The types of fraud that we come across most often, are:

  • Identity fraud
  • Invoice fraud
  • Receipt fraud

Identity fraud

Identity fraud is the act of using stolen identity in criminal activities to obtain goods or services by deception. In other words, the criminals pass themselves off as someone else in order to get benefits or gains.

You can think of scammers who obtain a victim’s credit card and use their data to practice unauthorized acts. For example, they buy products or services, without the knowledge of the data owner and without authorization. 

Often, the victim is only aware of the criminal act after it has been committed. The crime is only noticed after it has caused financial damage to the victim or to the company. 

In summary, these are the most common things fraudsters do when committing identity fraud:

  • Use the victim’s name, Social Security Number or date of birth 
  • Use the victim’s address 
  • Recreate the victim’s signature 

Invoice fraud

A typical case of invoice fraud is when a company is contacted by someone claiming to represent a supplier. Nine out of ten times, fraudsters create fake invoices based on their knowledge of the relationship between the buyer and the supplier. 

Then, they proceed by requesting to change the bank account details with the goal of misleading the company into transferring the money to the fraudster’s account. 

No one is safe from becoming a victim of invoice fraud. In fact, even big companies with a massive security budget are vulnerable to such attacks. Amazon, for example,  paid over $19 million in 2020 for products that were never purchased. 

The fraudsters manipulated the data in Amazon’s seller system in order to make illegal payments. By creating a fake wholesale business and shipping products that were not in line with what they had reported initially, the criminals billed Amazon for a crazy amount of money.

Receipt fraud

Receipt fraud consists of committing forgery or duplicating receipts in order to get money or to get some type of reward. An employee, for example, might create a fake receipt for a product or service they didn’t buy and then submit it for reimbursement. 

It also occurs that employees present a personal expense as a business or work-related expense.

In summary, these are the most common things fraudsters do when committing receipt or invoice fraud:

  • Changing the payment details on an invoice
  • Using a personal expense as a work-related expense
  • Changing the dates, the amount or the store location 
  • Removing products (for example alcohol) 
  • Using duplicated receipts or invoices

As you can see, there are many ways to manipulate and misuse receipts, invoices, and ID documents. Most of them are even unnoticeable to the human eye, such as a masterfully Photoshopped document. Hence, let’s have a look at how smart technologies can help you to prevent and detect these kinds of fraud.

How to prevent and detect document fraud 

Technologies that detect document fraud have evolved over the years at unprecedented rates with the rise of artificial intelligence and intelligent document processing (IDP).

This is also needed because fraudsters are getting better and better at manipulating information and hiding their changes by using techniques such as graphics processing and deep fake engineering.

Image analysis helps in detecting these signs of forgery, which often go unnoticed. Klippa, for example, uses an automated procedure that scans different fields and elements in a document.

Let’s have a look at the two main features employed by Klippa for real-time document fraud detection:

  • Photoshop detection
  • EXIF analysis
  • Duplicate detection

Photoshop detection

To show you the way in which we can detect Photoshop activity in images, let’s take the example of a fraudulent employee, who Photoshops a receipt to report a higher expense claim.

In the first step of the process, the employee uploads a photo of the receipt into the expense management software as a proof of purchase. When this image is captured with a camera, the colors aren’t perfect: the white background of a receipt actually features a lot of small variations, which only appear distinctly visible when zoomed in.

In the close-up of the receipt above you can see that the background is not ‘smooth’, with different tones of colors, and with many small ‘speckles’ which we call ‘image noise’.

When images are tampered using image editing software (like Photoshop), such tampering may leave subtle traces in an image, which would not naturally occur when a picture is taken.

For images that haven’t been tampered with, this image noise is undisturbed, and roughly equally distributed throughout the entire image. However, when one uses Photoshop to insert an extra digit into the image and re-saves it, you can see some interesting differences between the background and the photoshopped content:

As you can see in the image above, the digit ‘1’ was digitally inserted. This only becomes apparent upon closer inspection, as we notice the difference in terms of quality and surrounding noise.  

Using a variety of techniques, we can exaggerate subtle deviations in an image’s noise levels to enhance noise artifacts, and reveal potential Photoshop attempts, as they stand out from the natural, undisturbed noise around it.

By comparing these anomalies with other characters in the document, we can get an idea of what characters normally look like (the other digits “34,00” do not display different noise), and determine when deviations occur.

Another way to detect fraud is by checking the font type of the characters. For example, if you notice that the letters or numbers are slightly different compared to the other characters then most likely there have been some modifications.

Visual inspection alone may not always be enough though. After all, some Photoshop tampering can be done so masterfully, that it may not even be detected by algorithms. In such cases, you can also look for discrepancies in the Exif data of an image, which we will describe next.

EXIF analysis

Let’s start with the question “what is EXIF data?”. It may sound complicated, but it is actually quite simple to understand the meaning of this term. EXIF data often referred to as ‘metadata’, is data that describes other data.

Metadata outlines basic information about a file, such as an author type, creation date, usage, file size, and more. Metadata is crucial to the efficiency of information systems to classify and categorize data.

When an image is taken with a camera, it is saved as a file type (usually a .jpg, or .png). This image file is normally saved with additional metadata, such as the image resolution, and the time and date it was captured. Furthermore, it provides information about when it was changed or by which software, for example. 

In the previous image, you can see an example of the EXIF data of an image. If you look at the ‘Software’ field, you can see that it was recorded in the metadata that the image has been opened in Photoshop. 

EXIF analysis can be very useful to catch fraudulent tampering: when editing software is found in the metadata, the chances are high that the image has undergone some sort of manipulation. 

Duplicate detection

When someone tampers with a document, and copies & pastes an item in it, that’s called duplication tampering. Duplicate detection is the process of detecting the presence of such tampering, in other words, determining whether an item in the image was duplicated.

Here’s an example of duplicate detection: a receipt wherein the digit ‘5’ has been copied and pasted over several times:

When one copies characters which were already present in an image, to another location, no unnatural noise or image artifacts are introduced that are alien to the image. The photoshopped item will appear to be as natural as the rest.

In the image above, we can verify ‘5,50’, but unlike the editing done previously, the duplicated ‘5’ does not appear different from the original.

By using a similar approach to fingerprint detection, Klippa can create a unique digital fingerprint of all characters in a document. Rather than using the noise levels to determine what items appear unnaturally different, we can instead make use of the same noise levels to determine which items appear unnaturally similar. In this way, we can effectively detect duplicate characters in documents.

Nevertheless, we can still detect such photoshop attempts:

The benefits of AI document verification vs manual document verification

So far so good, but what are the practical benefits of using AI-powered document verification in your company? In order to answer this question, let’s compare it to the old, manual way of document verification.

Manual document verificationAI-powered document verification

In the manual process, an employee that has to review the documentation would need to compare a document to another document, checking item by item. This process can take up a lot of time and is prone to errors. 
Reduced costs

With AI-powered solutions, you can greatly reduce the time spent on document verification, and therefore save on overhead costs.
Difficult to scale 

Manual document verification is a complex task. Setting up a compliance team requires a substantial investment in staff. So needless to say, this takes time and makes it difficult for an organization to scale upon demand.
Fast and accurate processing

An automated solution provides the highest level of accuracy. It helps companies control the quality of their data, leading to more accurate data and better decision-making. 
Susceptible to human error

Manual verification is a time-consuming process with human errors and besides that, it is easy to miss certain statistics and numbers. 
Increased productivity

By using AI in document verification, employees have more time to focus on tasks that really matter resulting in increased productivity. 

All documents have to be stored and saved somewhere, leading to higher office rents and material costs.

Catch document fraud with Klippa 

We hope this blog makes you enthusiastic about catching fraud with the latest technologies. If you want to know more about the possibilities, you are at the right address!

Klippa can help you protect your company and prevent document fraud. Our OCR software is driven by machine learning, which is far more accurate than a human could ever be.

Would you like to see our technology in action? Or do you have questions about our fraud detection solutions? Please feel free to contact us or plan a free demo below. 

 Schedule a free online demonstration

A clear overview of Klippa in only 30 minutes.

Works with AZEXO page builder