Introduction

Veryfi Fraud Detection Suite provides a sophisticated layer of protection that works alongside our core data extraction API. This comprehensive solution helps businesses identify potentially fraudulent documents before they enter your workflow, saving time and preventing financial loss.

Our multi-layered system employs a diverse set of signals and triggers to analyze each submission from multiple angles - from device-level patterns that identify suspicious user behavior to detailed document forensics that spot visual manipulations. The system returns clear color-coded results (Green, Yellow, Red) based on customizable thresholds, making it easy to automate.

In this Article, we describe the Fraud Suite for Receipts / Invoices OCR API https://api.veryfi.com/api/v8/partner/documents

Fraud Detection for CPG and FinTech Verticals

Fraud prevention is particularly critical in the CPG and Financial Technology sectors, where document fraud can directly impact promotional campaigns, loyalty programs, and financial transactions. Organizations in these industries face unique challenges that require specialized fraud detection approaches.

Why Fraud Detection Matters in These Sectors

Financial Asset Protection: Safeguards against direct monetary losses from fraudulent redemptions and reimbursements
Customer Trust Preservation: Maintains consumer confidence in promotional programs and financial services
Operational Cost Reduction: Minimizes resources wasted on investigating and resolving fraudulent claims
Regulatory Compliance: Helps meet industry-specific compliance requirements and audit standards
Brand Reputation Defense: Prevents damage to brand image from exploitation of promotions or services
Fair Competition Promotion: Ensures all customers have equal access to legitimately earned rewards and benefits

Veryfi continues to invest in advanced fraud detection capabilities specifically designed for CPG and FinTech applications. Our CPG and FinTech fraud detection features include specialized analysis of receipt authenticity, promotion stacking patterns, submission velocity monitoring, and sophisticated duplicate detection algorithms calibrated for these unique business environments.

Implementing Effective Fraud Prevention with Veryfi

Key benefits:

Multi-layered protection: Examines both user behavior patterns and document characteristics
Customizable thresholds: Adjust sensitivity based on your risk tolerance and specific fraud patterns
Easy integration: Color-coded results simplify implementation with your existing workflows
Continuous evolution: Our fraud detection capabilities are constantly refined to address emerging threats

For maximum protection, we recommend implementing both device monitoring (through Veryfi Lens) and document analysis features. Start with the default threshold settings, then adjust based on your specific needs and fraud patterns over time.

To access comprehensive fraud protection that examines both user behavior patterns and document forensics, organizations should implement Veryfi Lens SDK. This integration activates the full Fraud Detection Suite, enabling businesses to identify suspicious activities across all aspects of document submission in one unified system.

How Veryfi Fraud Detection Works

The Triggers system is the core mechanism of Veryfi Fraud Detection Suite that evaluates submitted documents and flags potential fraud in the JSON response:

Color-Coded Response System:

When signals or abnormalities are detected, the system triggers an investigation. Each submission receives a color code based on fraud probability:

Green: Low risk submission
Yellow: Moderate risk, requires review
Red: High risk, likely fraudulent

Key Response Elements:

Fraud Color meta.fraud.color Visual indicator of risk level
Fraud Probability meta.fraud.score A numerical score between 0 and 1. Predicted probability of a document having an abnormality. Where <0.5 results in meta.fraud.color Green, 0.51-0.75 - Yellow, >0.75 - Red.
Fraud Signals meta.fraud.types List of all detected fraud indicators, sorted by importance.
Warnings meta.warnings Calculation inconsistencies that may indicate potential issues

❗️Building Custom Fraud Detection with Veryfi Veryfi empowers users with a flexible set of signals that can be used as building blocks within our Business Rules engine to construct highly customized systems. This modular approach allows companies to combine signals in unique ways, apply industry-specific logic, and create sophisticated multi-stage verification workflows.

Fraud Types: Comprehensive Fraud Detection Categories

Veryfi AI scans for various abnormalities, with each detection triggering specific flags in the system. These fraud types are organized into three main categories:

1. Catching Bad Actors

Identifies suspicious user behaviors and device patterns:

High Velocity & Critical Velocity: Abnormal submission rates
Multiple Profiles or Devices: Account sharing or device switching
Fraud History: Previous fraudulent activity from same device
Emulated Device: Submissions via app emulation software
Blocked Device: Submissions from blacklisted devices

2. Artifact Analysis

Examines document contents for manipulation:

Handwritten Characters: Manual alterations to key fields
Digital Tampering: Software-based document editing
Fraudulent PDF: Analysis of PDF creation methods and structure

3. Classification

Evaluates document legitimacy and prevents duplicate submissions:

Not a Document: Identifies non-receipt submissions
LCD Photo: Detects screen photography instead of original documents
Screenshot: Identifies digitally-created (non-paper) submissions
Generated Document: Detects AI-created content

4. Uniqueness

Duplicate & Similar Documents: Prevents resubmission of identical or similar documents

Each type can be configured with custom thresholds, allowing you to adjust detection sensitivity based on your specific risk tolerance and submission patterns.

Please refer to Veryfi API Documentation > Meta for the most up-to-date JSON structure and field descriptions.

Bad Actors	Fraud Type Description
`high velocity` `meta.fraud.submissions`	This feature identifies unusually high numbers of receipt submissions from a specific `device_id` across multiple time periods. The system monitors submission rates during these intervals: Last 6 minutes Last day Last 2 weeks Last 30 days Fraud Color Assignment Default: Fraud Color set to `Yellow` if triggered. The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side *Depends on Veryfi Lens data
`critical velocity` `meta.fraud.submissions`	This feature identifies extremely high numbers of receipt submissions from a specific `device_id` across several time periods. Similar to high velocity but with more aggressive thresholds. Threshold values for critical velocity are configured with higher limits than standard high velocity. When a `device_id` exceeds these elevated thresholds, the system flags potential fraudulent activity with greater urgency. Fraud Color Assignment Default: Fraud Color set to `Red` if triggered. The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side *Depends on Veryfi Lens data
`multiple profiles or devices`	The system tracks and flags unusual patterns where: A single account submits receipts from numerous different `device_id`. A single `device_id` is used to submit receipts through several different accounts Within the past `30` days. This helps identify potential fraud, account sharing, or bad actors attempting to manipulate the *Depends on Veryfi Lens data
`fraud history`	When a user `device_id` with known fraudulent activity attempts new submission, the system escalates the risk assessment based on this historical pattern of bad behavior.. This feature increases the fraud score when receipts are submitted from a `device_id` that has previously submitted fraudulent documents. The system examines: Past 30 days of submission history Requires a minimum of 5 submissions to trigger Configurable by "div_coef" - higher values make this feature less aggressive *Depends on Veryfi Lens data
`emulated device`	This feature immediately returns the `Red` color if the document was submitted via app emulation software. When the system detects that a receipt submission originates from an emulated environment rather than a genuine mobile device, it automatically flags this as high-risk activity. This identifies attempts to use virtual devices, app simulators, or other emulation technologies that may indicate fraudulent submission patterns. *Depends on Veryfi Lens data
`blocked device`	This feature immediately returns the `Red` color if `device_id` is in a blocked list. When a receipt submission comes from a `device_id` that has been explicitly added to the system's blocklist, it automatically triggers the highest risk level. This allows for immediate identification and rejection of submissions from devices previously confirmed to be associated with fraudulent activity.
Artifact Analysis	Fraud Type Description
`handwritten characters` `meta.handwritten_fields`	This feature detects handwriting in specific fields of the submitted document. When handwritten modifications are identified, the system provides a list of the exact areas where handwriting occurred using dot notation. For example, `line_items.1.total` indicates that the total in line item 1 was manually altered or written. Fields examined for handwriting detection include: total subtotal date line_items: total price tax_breakdown: tax tax_base This analysis helps identify receipts that may have been manually modified to alter key financial information or the extracted value is handwritten. Some customers use this field as a separate signal to build workflows for data handling. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side This flexibility allows organizations to adjust sensitivity levels based on their specific risk tolerance and fraud patterns.
`digital tampering` `meta.``digital_tampering_fields`	This feature visually detects instances where documents have been digitally altered or manipulated. It identifies when fraudsters use software like Photoshop to modify numbers, text, or QR codes in a receipt image. The system can also detect copy-paste manipulations, such as duplicating digits to change amounts (e.g., altering "99" to "9999"). The detection works specifically on photo submissions where visual alterations are present, analyzing pixel-level inconsistencies and pattern anomalies. This feature can be configured to focus on specific fields, including: total subtotal date line_items: total price tax_breakdown: tax tax_base By identifying digital manipulation attempts, this feature helps prevent acceptance of fraudulently modified receipts where visual editing has occurred. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
Document Classification	Fraud Type Description
`not a document`	This feature identifies if the submitted image is not a valid receipt or document, but rather a random photo or unrelated document type. It functions as an enhanced extension of the document-level field `is_document`. The system employs document classification algorithms to determine whether the submitted image contains legitimate receipt content or is an attempt to submit irrelevant material. This feature helps prevent fraud attempts where users submit random images, screenshots, or unrelated documents instead of actual receipts. Users who implement the Fraud Suite can utilize this feature instead of the basic `is_document` field for more sophisticated document verification. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
`LCD photo` `meta.fraud.pages.is_lcd`	This feature identifies when the submitted image is a photograph of a digital screen (monitor, tablet, or phone display) rather than an original document. The system uses advanced image analysis to detect the characteristic patterns, pixel structures, and lighting anomalies that appear when someone takes a picture of an LCD/LED screen displaying a receipt. This helps prevent fraud attempts where users submit screen captures or photos of digitally displayed receipts instead of original receipt images. By detecting screen photography, this feature helps ensure that only legitimate receipts captured directly from physical documents are processed. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
`screenshot` `meta.fraud.screenshot.type`	This feature identifies when the submitted document is likely not paper-based but was created digitally. The system classifies digital submissions into specific categories: `mobile_screenshot`: Content captured directly from a mobile device screen `other_screenshot`: Screenshots from non-mobile digital devices `ai_generated`: Content created using AI generation tools `null`: No digital creation detected (likely a legitimate paper document) This analysis helps prevent fraud attempts where users submit digital recreations or manipulated versions of receipts instead of images of actual physical documents. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
`generated document`	This feature is designed to detect images created by AI tools (such as ChatGPT, DALL-E, or other generative AI systems). It employs a dual detection approach: Visual check: A specialized neural network analyzes image characteristics to identify telltale signs of AI generation. This analysis works only on images and not on PDFs or other digital documents like screenshots. `meta.fraud.screenshot.type:ai_generated` EXIF data check: The system examines document metadata for traces that indicate AI generation. This method only works when metadata is preserved in the submission and contains recognizable AI generation markers. `meta.source_documents.exif` This feature helps prevent fraud attempts involving artificially created receipts that never existed in reality but appear legitimate. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
`fraudulent pdf`	This feature performs comprehensive analysis on PDF documents to detect signs of manipulation or fraudulent activity. It includes three specialized detection mechanisms: Fraudulent PDF Creator: Analyzes the software used to create or edit the PDF. Each known software application is assigned a fraud probability score. For example: Photoshop: 0.95 (high probability of fraud) Illustrator: 0.95 (high probability of fraud) PDFTools SDK: 0.8 (elevated probability of fraud) Scores range from 0 to 1, with higher values indicating greater likelihood of fraudulent manipulation. Text Overlay: Examines word bounding boxes to identify text elements that highly overlap with each other. Such overlapping can indicate document editing or hidden text insertion. Scores range from 0 to 1, with higher values indicating more suspicious text placement. Font Mismatch: Evaluates the number and variety of fonts used per page. An unusual diversity of fonts may suggest document tampering or assembly from multiple sources. Scores range from 0 to 1, with higher values indicating more suspicious font usage patterns. Fraud Color Assignment The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
Uniqueness	Fraud Type Description
`duplicate` `is_duplicate`	This feature identifies when a submitted document is likely a duplicate of a previously submitted one. The detection algorithm employs straightforward matching of extracted values to identify repeated submissions of the same receipt. The system utilizes the document-level field `is_duplicate` to flag instances where key receipt data points (such as vendor, date, total amount, etc) match those of previously processed documents. This helps prevent fraud schemes involving multiple submissions of the same receipt for additional reimbursements or rewards. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side
`similar documents` `meta.duplicates`	This feature identifies when a submitted document's text has high similarity with previously submitted documents, even if they aren't exact duplicates. The system performs comprehensive text comparison analysis and returns a list of similar documents in the `meta.duplicates` field, complete with similarity scores. This allows for detection of slightly modified versions of the same receipt or documents that contain highly similar content but with minor alterations/differencies. Similarity thresholds are fully configurable, allowing businesses to adjust sensitivity based on their specific needs and fraud patterns. Fraud Color Assignment: The fraud decision color for this feature is fully configurable. Thresholds can be customized for each signal by either: Embedding threshold settings directly on the Veryfi side Using Business Rules (BR) to construct custom thresholds on the users' side

Warnings: Additional Verification Layer

Veryfi Warnings system works alongside the Fraud Detection Suite to identify calculation inconsistencies and logical discrepancies that may indicate potential issues. Unlike fraud signals that detect deliberate manipulation, warnings highlight natural anomalies such as mismatched line item totals, duplicate entries, or tax calculation errors that might occur in legitimate receipts but still warrant verification.

This additional layer of scrutiny helps organizations maintain data integrity even when submissions pass fraud detection, ensuring complete confidence in extracted financial information.

`line_item_amount_missmatch`	Line item totals x quantity do not add up to the subtotal value.
`line_item_repeats`	A duplicate line item was detected.
`tax_rate_missmatch`	When Tax Rate x Subtotal != Tax Amount
`item_counts_missmatch`	When number of products on line items doesn't match Number of Items Sold value
`totals_missmatch`	When subtotal from line items doesn't match subtotal on the document
`barcode_decoding_issue`	When barcode is present on the document but is not decodable
`logo_vendor_missmatch`	When vendor name from logo doesn't match vendor name output from model
`barcode_code_missing_in_ocr`	Decoded Barcode numbers were not found on the document
`malware`	Supplied pdf file contains executable javascript code or eicar malware

How to Get Access

Veryfi Fraud Detection Suite is a premium feature that requires separate activation beyond the standard API access. If you're interested, please contact your Veryfi account manager to enable it for your organization.

Need help? Reach out to support@veryfi.com

A Walk-Through of Veryfi Lens SDK

Veryfi’s Data Enrichment

Blur detection and image quality

Duplicate Spike Alert

Detecting AI-Generated Documents with Veryfi