Fraud Analysis

Prerequisites

New to Finovox API? Start with the API Reference to learn the basics before diving into fraud analysis.

Finovox fraud detection analyzes documents through multiple methods to identify manipulation, forgery, or tampering. Each document receives a global_risk score and detailed risk assessments.

Finovox uses five complementary detection methods to analyze documents:

Method	Output Field	What It Detects
Software Analysis	software_risk	Image editing software (Photoshop, GIMP), screenshot tools, document manipulation software
Metadata Analysis	metadata_risk	Inconsistent dates, modified metadata, suspicious application names, timezone anomalies
Data Structure Analysis	datastructure_risk	Abnormal PDF structure, unusual compression, font anomalies, object manipulation
Vision Analysis	vision_risk	Visual cloning, image splicing, content removal, text overlays, resolution mismatches
Consistency Analysis	coherence_risk	Date inconsistencies, invalid business data (Company registration number, VAT), company status vs document date, amount discrepancies

Each method produces a risk score: low, medium, or high.

API Usage

The analysis types related to fraud detection are: risk, explanation, pdf_report, and pdf_summary_report. You can combine them in the analyse_type array.

Below is a summary of all available analysis types:

risk — Risk Scores

Returns fraud risk scores across all detection methods.

Input format:

{
  "analyse_type": ["risk"]
}

Output format:

{
  "name": "sample.pdf",
  "global_risk": "high",
  "software_risk": "high",
  "metadata_risk": "high",
  "datastructure_risk": "low",
  "vision_risk": "low",
  "coherence_risk": "medium",
  "document_quality": "acceptable",
  "software": "photoshop"
}

explanation — Fraud Explanations

Provides human-readable explanations for detected fraud indicators in both English and French.

Input format:

{
  "analyse_type": ["explanation"]
}

Output format:

{
  "name": "sample.pdf",
  "explanation": [
    {
      "category": "datastructure",
      "data": {
        "en": "Text has been hidden: John Doe",
        "fr": "Du texte a été masqué : John Doe"
      },
      "zoning": [
        {
          "description": {
            "en": "Hidden text: John Doe",
            "fr": "Texte masqué : John Doe"
          },
          "page_number": 1,
          "xleft": 0.649,
          "xright": 0.737,
          "ybottom": 0.78,
          "ytop": 0.793
        }
      ]
    },
    {
      "category": "software",
      "data": {
        "en": "Document of category 'Invoice' edited with 'Photoshop'",
        "fr": "Document de catégorie 'Facture' édité avec 'Photoshop'"
      },
      "zoning": []
    }
  ]
}

The category key matches the detection methods: software, metadata, datastructure, vision, coherence.

The zoning key contains a list of bounding boxes localizing the anomaly on the document. It may be empty ([]) if the control has no visual location.

Field	Type	Description
xleft	float (0→1)	Left edge
xright	float (0→1)	Right edge
ybottom	float (0→1)	Bottom edge
ytop	float (0→1)	Top edge
page_number	int	Page number, 1-indexed
description	{en: str, fr: str}	Localized description of the detected anomaly

Coordinates use the bottom-left corner as origin (0, 0): x goes left→right, y goes bottom→top.

pdf_report — Full PDF Report

Generates a comprehensive PDF report with visual evidence of fraud indicators.

Input format:

{
  "analyse_type": ["risk", "pdf_report"]
}

Output format:

{
  "name": "sample.pdf",
  "global_risk": "high",
  // ... other risk fields ...
  "pdf_report": {
    "en": "JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC...", // Base64 encoded PDF
    "fr": "JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC..."  // Base64 encoded PDF
  }
}

The PDF report includes:

• Risk score summary
• Detailed findings for each detection method
• Visual annotations highlighting suspicious areas

pdf_summary_report — Summary PDF Report

A condensed version of the PDF report focusing on key findings.

Input format:

{
  "analyse_type": ["risk", "pdf_summary_report"]
}

Output format:

{
  "name": "sample.pdf",
  "global_risk": "high",
  // ... other risk fields ...
  "pdf_summary_report": {
    "en": "JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC...", // Base64 encoded PDF
    "fr": "JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC..."  // Base64 encoded PDF
  }
}

Complete Example

Combining multiple analysis types:

Python

import requests
import json
import base64

url = "https://api-v2.finovox.com/analyse"
headers = {"api-key": "YOUR_API_KEY"}

payload = {
    "analyse_type": ["risk", "explanation", "pdf_report"]
}

with open("document.pdf", "rb") as f:
    files = [("file", ("document.pdf", f.read()))]
    data = {"payload": json.dumps(payload)}

    response = requests.post(url, headers=headers, files=files, data=data, timeout=150)
    result = response.json()

    # Access fraud risk
    print(f"Global Risk: {result['global_risk']}")

    # Read explanations
    for exp in result['explanation']:
        print(f"{exp['category']}: {exp['data']['en']}")

    # Save PDF report
    if 'pdf_report' in result:
        pdf_data = base64.b64decode(result['pdf_report']['en'])
        with open("fraud_report.pdf", "wb") as f:
            f.write(pdf_data)

Javascript

// npm install axios form-data
const fs = require('fs')
const axios = require('axios')
const FormData = require('form-data')

const url = 'https://api-v2.finovox.com/analyse'
const headers = { 'api-key': 'YOUR_API_KEY' }

const payload = {
    analyse_type: ['risk', 'explanation', 'pdf_report']
}

const form = new FormData()
form.append('file', fs.createReadStream('document.pdf'))
form.append('payload', JSON.stringify(payload))

axios.post(url, form, {
    headers: {
        ...headers,
        ...form.getHeaders()
    },
    timeout: 150000
}).then(response => {
    const result = response.data

    // Access fraud risk
    console.log(`Global Risk: ${result.global_risk}`)

    // Read explanations
    result.explanation.forEach(exp => {
        console.log(`${exp.category}: ${exp.data.en}`)
    })

    // Save PDF report
    if (result.pdf_report) {
        const pdfData = Buffer.from(result.pdf_report.en, 'base64')
        fs.writeFileSync('fraud_report.pdf', pdfData)
    }
})