Retrieve suspicious activity data for uploaded documents


Looking for our page on legacy Detect?

We've moved our documentation of FTD 1.0 (our legacy Detect product) to here. The Detect product described on this page supersedes FTD 1.0, and we recommend using it going forward.


Detect enables lenders to identify and contextualize fraudulent activity by using our best-in-class machine learning models. With clear signals and intuitive visualizations, lenders can confidently approve trusted loans while avoiding unnecessary losses.

We offer Detect through our Dashboard and through our API.

Detect offers specific indicators of possible fraud called signals. Signals include context that can be used to justify a claim of fraud, such as position information or edited text. Most signals are also visualized as colored highlights.

Contact your account manager for information about getting access to Detect.

Supported Documents

We support using Detect on bank statements, pay stubs, and W-2s. Other document types are not processed with Detect at this time.


We use the term signal to mean a specific indicator of a fraudulent modification to a document. Some signals we can uncover include:

  • Account holder name and address
  • Account number
  • Dollar amounts
  • Dates
  • Employer address
  • Transaction details


Watch out for false positives!

Although Ocrolus detects potentially fraudulent activity, final determination of fraud is up to you. Some flagged documents that appear suspicious may have an explainable reason. For example:

  • Documents with multiple names might belong to someone who recently changed theirs, or to someone whose name has multiple spellings.
  • Unusual image data could be due to poor image conversion on the part of the document's owner.
  • Reports of unusual fonts could be due to the design of the bank statement itself.

We encourage you to manually review any activity that Ocrolus reports as suspicious.


Most signals describe fraudulent edits to a particular region on a Document's page. Detect illustrates these signals as highlighted regions on top of the submitted document.


Signals idicating fraudulent activity are shown.

These visualizations can be seen with the in-browser Dashboard or obtained with the API.

Using Detect

You can use Detect through the Ocrolus Dashboard or through our two API endpoints. Both methods offer the same information (including visualizations), but are intended for different use cases.

All uploaded documents are automatically scanned for Detect signals, regardless of how they're uploaded; once the results are ready, you can view them at any time.


To get started with Detect through our Dashboard, log in to the Dashboard and select a Book (or create a new one if there aren't any). Upload a Document that contains one or more pay stubs, bank statements, or W-2s.



Results may not be available immediately, even after the uploaded documents are captured. Check back in a few minutes, or set up a webhook to be notified.

The Dashboard is better suited for use by fraud analysts or other non-technical users. It's also good for quickly reviewing documents without needing to set up API credentials or write code to use them. Check out this guide for more guidance on using the Dashboard.



Don't forget your keys!

To use Detect via our API, you'll need to create a set of credentials. See here for more information about using these credentials.

You can retrieve Detect signals from complete Books or from individual Documents. These endpoints return the same information that's available on the Dashboard, including visualizations; see the linked documentation for more information on how to access them.

The API is better for integrating Detect into custom fraud analysis workflows, such as for analytics or for internal review applications.


Ocrolus sends notifications to registered webhooks upon certain events. You can register a webhook to listen for the document.detect.signal_found or document.detect.signal_not_found events, which are respectively fired when an uploaded document contains or lacks at least one fraud signal.

E-Mail Notifications

If Detect signals are found on a newly-uploaded document, we send an e-mail notification to the user that submitted the document and to Managers within their Organization. This occurs regardless of how webhooks are configured.

If you'd like to subscribe or unsubscribe to Detect alerts, please contact [email protected] for further guidance.

Did this page help you?