Demo Mode — curated FINDIT2 test samples
Hidden by default · activate with Shift+D or?demo=1
Clean receipt
Low Risk · ~0%
True negative — small clean receipt; heatmap stays sparse.
Text imitation (IMI)
High Risk · ~99%
Product line redrawn in similar font. The paper itself cites this file.
Deletion (CUT)
High Risk · ~100%
Product line erased — different attack class than text edits.
Multi-region digit edit (CPI)
High Risk · ~99%
12 modified Total/Product regions — most visually striking heatmap.
Cross-document paste (CPO)
High Risk · ~99%
Content pasted from another receipt.
Hard case — model under-fires
Low Risk · ~15% (but actually forged)
Honest limit. Real CPI on Total/payment that the model misses; image-level discrimination is dataset-hard (paper F1 < 30 too).
VAT QR — clean Phase-1 invoice
QR check ✓ verified
Synthetic Saudi VAT QR with valid TLV, 15% rate, total matches OCR.
VAT QR — Phase-1 spec violations
QR check ✗ failed (format)
VAT# is malformed and VAT > total — both should fail format checks.
VAT QR — decimal-shift fraud
QR check ✗ failed (mismatch)
QR encodes a smaller total than the printed receipt (10× shift) — OCR cross-check should catch the discrepancy.
Real Saudia invoice (Phase-2)
QR ✓ (CNN over-fires)
Real Saudi Arabian Airlines invoice with 9-tag Phase-2 QR (includes ECDSA signature + cert). Total 479.55 SAR. QR check passes cleanly. The patch CNN false-flags this as high-risk because PDF-rendered Saudi invoices are out-of-distribution vs the FINDIT2 training set — this is exactly the regime where the structural QR signal earns its keep.
Real Saudia — decimal-shift fraud
✗ DISCREPANCY
Same Saudia receipt with the printed total scaled 10× (479.55 → 4795.50). QR untouched. Killer demo of structural verification.
Real Saudia — total replaced
✗ total mismatch
Printed total replaced with a different amount (not a decimal shift). Tests the generic 'QR total not found in receipt' branch.
Real Aldawaa pharmacy invoice (Phase-1)
QR caveats (CNN over-fires)
Real KSA pharmacy receipt. Implied VAT rate is 6.47 % (mixed-rate / zero-rated meds), correctly flagged as a warn not a fail. QR seller is "صيدلية الدواء" (Pharmacy Aldawaa) but the body prints "شركة الدواء الطبية" (Aldawaa Medical Company) — same brand, different legal name → soft seller warn. CNN over-fires for the same reason as Saudia.
Real Aldawaa — decimal-shift fraud
✗ DISCREPANCY
Aldawaa total tampered 37.99 → 379.90. QR cross-check catches it.
Real Aldawaa — VAT zeroed
VAT warn
Printed VAT amount blanked out. The QR's declared VAT is no longer findable in the OCR text → soft warn.
Tip: clicking a demo card reuses the engine's cache; click the same card twice to surface the duplicate-detection signal.
!
Verdict
— High risk
Likely forged
Visual tampering AND a VAT QR discrepancy were both detected.
Patch CNN
High risk
forgery confidence 100%
VAT QR
Discrepancy
1 QR
100%
CNN forgery confidence
⚠ Duplicate: exact match of a file already analysed in this session.
Saudi VAT QR check ✗ failed
ZATCA
Phase-1
QR
Phase-1
QR
Seller
الخطوط الجوية العربية السعوديه|Saudi Arabian Airlines Corporation
VAT registration #
300000776210003Timestamp
2026-04-09T21:17:16
Invoice total
479.55 SAR
VAT amount
62.55 SAR
Phase 2
cryptographic tags present
Format
7/7
Cross-check vs receipt
2/3
· 1 failed
- invoice total matches receipt — QR total 479.55 SAR not found in receipt OCR (numbers seen: [1.0, 62.55, 417.0, 600.06]…).
Show all 10 checks
Format compliance
- payload decodes — Base64 + TLV well-formed; 9 tag(s) found.
- all mandatory tags present — Tags 1 (seller), 2 (VAT#), 3 (timestamp), 4 (total), 5 (VAT) all present.
- VAT number format — 300000776210003 — 15 digits, starts and ends with 3.
- timestamp valid — 2026-04-09T21:17:16Z (parses as ISO 8601).
- amounts numeric — Total 479.55 SAR · VAT 62.55 SAR.
- VAT ≤ total — VAT amount does not exceed invoice total.
- VAT rate ≈ 15% — Implied rate 15.00% (±2pp tolerance from 15%).
Cross-check vs receipt
- seller name on receipt — 'الخطوط الجوية العربية السعوديه|Saudi Arabian Airlines Corporation' identifying tokens found in OCR'd receipt text (token overlap 100%).
- invoice total matches receipt — QR total 479.55 SAR not found in receipt OCR (numbers seen: [1.0, 62.55, 417.0, 600.06]…).
- VAT amount matches receipt — QR VAT 62.55 SAR appears in the receipt OCR.
Key findings
- Multiple regions show strong evidence of editing.
- Showing the top 5 highest-confidence regions (highest score 100%). 402 of 387 text-bearing regions exceeded the model's threshold overall.
- Edit type predicted across the top 5 regions: 3 × copy-paste edits and 2 × deletions / erasures.
- Targeted fields: 4 × Date / store metadata and 1 × Total / payment lines.
- This file is an exact duplicate of one already analysed in this session.
- VAT QR check: QR total 479.55 SAR not found in receipt OCR (numbers seen: [1.0, 62.55, 417.0, 600.06]…).
Document — original & heatmap
Original
🔍 Click to zoom
🔍 Click to zoom
Suspicion heatmap
🔍 Click to zoom
🔍 Click to zoom
Suspicious regions
The top 5 highest-confidence regions out of all 402 that exceeded the model's threshold. Hover or click any thumbnail to highlight that 128 × 128 region on the document on the left.
1
CPI
Metadata
2
CUT
Metadata
3
CPI
Metadata
4
CUT
Total/payment
5
CPI
Metadata
Region breakdown table (5 rows)
| # | Coords | Score | Edit type | Field affected |
|---|---|---|---|---|
| 1 | (1344, 768) |
100% | CPI 55% | Metadata 38% (low conf) |
| 2 | (192, 704) |
100% | CUT 70% | Metadata 50% |
| 3 | (1280, 704) |
100% | CPI 31% (low conf) | Metadata 80% |
| 4 | (1408, 768) |
100% | CUT 49% (low conf) | Total/payment 44% (low conf) |
| 5 | (192, 768) |
100% | CPI 67% | Metadata 45% (low conf) |
Methodology, audit metadata & technical details
File:
saudia__total_doctored.png
SHA-256: 0ef76c82af3c…
Size: 1653 × 2337 px
Analysed: 2026-05-11 23:30:34
Model: FraudX v2-multi · ResNet-18 · ep13 · thr=0.08
Patch precision
92.25% vs paper OH-JPEG 79.41%
Patch F1 / AUC
91.79 / 0.97
Image-level F1
29.66 vs paper ChatGPT-relaxed 28.39
Patches scored (this image)
900 · 387 text-bearing
Regions ≥ threshold
402 · thr 0.08
Top-region score
1.000
Approach. ResNet-18 patch classifier (128×128, stride 64) trained on FINDIT2 (Tornes et al., ICDAR 2023). Two auxiliary heads classify the modification technique and the document field; the binary backbone is frozen so the headline patch precision (92.25%) is preserved bit-for-bit while adding explainability. Image-level fraud score is the top-k mean of patch probabilities over text-bearing regions only (edge density ≥ 0.02) — keeps blank regions from poisoning the score.
Class accuracies on the FINDIT2 test set.
- Edit type: CPI 73% · CUT 100% · IMI 38% · PIX 55% · Other 14%
- Field: Total/payment 67% · Metadata 47% · Product 27% · Company 24%
Original technical findings (raw).
- Patch CNN flagged 402 of 387 text-rich patches (top score 1.00).
- Top 5 suspicious regions clustered around image coordinates (1344,768), (192,704), (1280,704), (1408,768), (192,768).
- Predicted modification mix across top regions: 3× CPI, 2× CUT.
- Predicted entity types: 4× Metadata, 1× Total/payment.
- Document is an EXACT duplicate of a file already analysed in this session (resubmission).