Introducing Document Trust Seal: Cryptographic Protection Against Invoice Fraud

Invoice fraud is one of the most common and costly forms of business fraud. The attack is simple: a fraudster intercepts a PDF in transit, changes the bank account number, and forwards it on. The payment lands in the wrong account. By the time anyone notices, the money is gone.

The Document Trust Seal API is built to stop this before it starts.

How It Works

When you seal a document, two things happen:

1. •A professional Verified and Secured badge is stamped directly onto the PDF so the recipient can see it is protected.
2. •A SHA-256 fingerprint of the entire document is stored against a unique seal ID.

If a fraudster intercepts the PDF and changes a single character, the fingerprint no longer matches. The document fails verification. The original is never stored on our servers — only the hash and minimal metadata.

Two Tiers

Standard Seal (£0.10/doc) adds the visual badge and creates the cryptographic fingerprint. Your recipient can verify the document via the API.

Premium Audit (£0.25/doc) goes further. It embeds a QR code in the bottom corner of the PDF that links to a hosted Trust Page. The recipient scans the code, uploads the file they received, and gets an immediate pass or fail result. No account required. No API key needed.

Verification is always free and unlimited.

The Trust Page

The Trust Page is the part your customers interact with directly. When they scan the QR code on a Premium-sealed document, they land on a clean verification page. The page waits for them to drop or select the PDF they received.

Once they upload it, the result is instant:

• •Authentic — the file matches the original sealed version exactly.
• •Tampered — the file has been modified since it was sealed.

Every verification increments a counter against that seal ID, giving you a passive audit trail of how many times a document has been checked and by whom.

Seal a Document in Python

import requests

with open("invoice.pdf", "rb") as f:
    response = requests.post(
        "https://api.cparse.com/seal/v1/seal",
        headers={"X-API-Key": "YOUR_API_KEY"},
        files={"file": ("invoice.pdf", f, "application/pdf")},
        data={"tier": "premium", "issuer_name": "Acme Corp"},
    )

response.raise_for_status()
seal_id = response.headers["X-Seal-ID"]

with open("sealed_invoice.pdf", "wb") as out:
    out.write(response.content)

print(f"Sealed. ID: {seal_id}")

The sealed PDF is returned directly in the response body. The seal ID comes back in the X-Seal-ID header. Store it if you want to look up the seal metadata later.

Verify by Upload

curl --request POST \
  --url https://api.cparse.com/seal/v1/verify \
  --form 'file=@received_invoice.pdf'

Returns a JSON object with an authentic boolean and a plain-language reason field:

{
  "authentic": false,
  "seal_id": "a3f1c2d4-e5b6-7890-abcd-ef1234567890",
  "reason": "Document hash does not match the original. This document has been modified since it was sealed.",
  "seal_metadata": { "..." }
}

Who Is This For

• •Finance teams sending high-value invoices where payment redirection is a real risk.
• •Freelancers and agencies who have been targeted by man-in-the-middle fraud.
• •Accounts payable platforms that want to give their customers an extra layer of trust out of the box.
• •Legal and compliance workflows where proof of document integrity is required.

Getting Started

Sign up at cparse.com/dashboard and grab your API key. New accounts include free credit with no credit card required.

The full API reference, code examples, and tier comparison are in the Document Trust Seal documentation.

Arthur Sterling is the Lead Developer Advocate at Parse.