Researchers from the University of Pretoria have developed a new technique for detecting tampering in PDF documents by analyzing the file’s page objects. The new prototype uses Python to detect changes to a PDF document, such as text, images, or metadata. PDFs are increasingly used in various industries and are a target for criminals who want to affect contracts or aid in misinformation. Current techniques for detecting changes in PDFs rely on watermarking and hashing, which can only detect visible parts of a PDF. However, these methods do not analyze hidden elements like metadata or background data, making it difficult to identify exactly where or what was changed. The new prototype uses the hashlib, Merkly, and PDFRW libraries to generate hashes and access intricate PDF structures. It performs two primary functions: protecting a PDF and assessing a PDF for forgery. To protect a PDF, the prototype reads the PDF document and calculates unique digital fingerprints, known as hashes, from various elements. These hashes are secretly embedded as new, hidden keys into the relevant file page object and the PDF’s main “root” object. The PDF tampering prototype works well with Adobe Acrobat, but it does not yet detect all possible PDF changes, such as altering a document’s font without changing the actual content or adding JavaScript code.