When applicants upload documents (such as paystubs, bank statements, or offer letters), Payscore uses automated document analysis to evaluate the authenticity and integrity of those files.
The results appear in reports as risk signals, which help indicate whether a document appears trustworthy or may require closer review.
What are risk signals?
Risk signals are automated checks that look for patterns commonly associated with altered, manipulated, or inconsistent documents.
No single signal automatically means a document is fraudulent—signals are evaluated together to provide context.
Types of document risk signals
Text and formatting checks
These signals look for inconsistencies in how text appears within the document:
Font inconsistencies – Unusual or mixed fonts that may indicate editing
Overlaid or edited text – Text added on top of existing content or modified after creation
Text compression or touchups – Signs that text has been altered or compressed
Name, address, or date format anomalies – Formatting that differs from standard patterns
Structural and layout checks
These signals examine the underlying structure of the file:
PDF alignment issues – Layout irregularities that may suggest editing
Flattened PDFs – Files flattened in a way that can obscure edits
Malformed or inconsistent dates – Dates that are incorrectly formatted or inconsistent
Metadata analysis
Metadata is information stored within a file that describes when and how it was created or modified.
Signals may include:
Missing metadata
Metadata dates that don’t align with expected timelines
Metadata showing unexpected edits or modifications
EXIF data changes (commonly associated with images)
Annotations and editing indicators
These checks identify evidence of post-creation changes:
Annotations or annotation dates
Brush or editing tool usage
Edits detected during scanning
Software indicators linked to document modification
Similarity and reuse detection
These signals help identify reused or replicated content:
Copied images or text
Use of known templates
Matches to known fraudulent patterns or blacklists
How to interpret risk signals
Risk signals provide additional context, not a final decision
Multiple signals together may suggest higher risk
Low or no signals generally indicate a document appears consistent
Customers should review documents alongside their own screening criteria and policies
Important notes
Risk signals are generated automatically
Not all documents will show risk signals
The presence of a risk signal does not automatically mean a document is fraudulent
Applicants do not see these signals—reports are provided to customers only