Document forgery is making, altering, or using a false document with intent to deceive. The forms it takes have multiplied in the last three years. Counterfeit passports, altered bank statements, AI-generated PAN cards, deepfaked driver’s licenses, and forged GST certificates all fall under the same definition.
Five types account for almost all document forgery in production fraud cases:
- Counterfeit: an imitation of a genuine document, often with security features copied.
- Alteration: a real document modified after issuance, usually to change a date, photo, amount, or name.
- Signature forgery: a signature traced, simulated, or invented to authorize a document the signer did not authorize.
- Document assembly: legitimate elements from multiple documents stitched into one new artifact.
- Synthetic or deepfake: a document generated end-to-end by AI, with no real source record.
For banks, NBFCs, fintechs, insurers, and any business that relies on customer-submitted documents, forgery is a direct threat to revenue, compliance, and customer trust. This article covers what document forgery is under Indian law, how fraudsters create forged documents in 2026, the country-by-country penalty regime, and the layered controls that catch forgery at scale. Start with forgery detection techniques if you want the operational view first.
What is document forgery?
Document forgery falls under the broader umbrella of document fraud, where genuine documents are altered or imitated without permission. The intent is usually financial gain, identity theft, or evasion of legal or regulatory obligations. Fake documents and forged documents differ in method but share the goal: passing a fabricated record off as real.
Passports and driver’s licenses remain the most frequently forged documents, with bank statements, salary slips, and GST certificates close behind. Forged identity documents enter loan applications, claim processes, SIM activations, and seller onboarding flows. Once accepted, they create downstream losses that take months to surface and longer to recover.
Fake vs forged vs counterfeit
The three terms are often used loosely. The distinctions matter when the document ends up in a courtroom or a regulatory inspection.
- Fake means entirely fabricated, with no real source document.
- Forged means altered or signed without authority, or created with intent to deceive.
- Counterfeit means an imitation of a genuine document, often with security features replicated.
Counterfeit is one type of forgery; not all forgery is counterfeit.
Document forgery under Indian law: BNS 336, predecessor IPC sections, and adjacent statutes
Indian forgery law was overhauled in 2023. The Bharatiya Nyaya Sanhita, 2023 (BNS) replaced the Indian Penal Code, 1860 (IPC), and Section 336 of the BNS is now the primary forgery provision. The substantive law is largely unchanged, but the section numbers have moved and digital records sit on a clearer footing.
BNS 336 in plain English
Section 336 BNS defines forgery as making a false document or false electronic record with the intent to cause damage or injury, support a fraudulent claim, induce someone to part with property, or otherwise deceive. The penalties:
- Simple forgery: up to 2 years’ imprisonment, fine, or both.
- Forgery to cheat: up to 7 years’ imprisonment, plus fine.
- Forgery of court records, public registers, or valuable documents: longer terms, up to 10 years or life depending on the document class.
- Use of a forged document as genuine: treated the same as the forgery itself, so users are liable as well as makers.
The BNS makes one thing explicit that the IPC handled by interpretation: forged digital records (PDFs, scans, screenshots, signed e-documents) carry the same liability as forged physical documents. This matters because almost all KYC, lending, and insurance fraud now flows through digital documents.
Predecessor IPC sections 463 to 471
The old IPC provisions are still useful as reference because case law accumulated under them carries forward. The mapping is roughly:
| Old IPC | Subject | Now sits under |
|---|---|---|
| 463 | Forgery (definition) | BNS 336 |
| 464 | Making a false document | BNS 335 |
| 466 | Forgery of court records or public registers | BNS 337 |
| 467 | Forgery of valuable security or will | BNS 338 |
| 468 | Forgery for cheating | BNS 336 (aggravated) |
| 471 | Using a forged document as genuine | BNS 340 |
Courts citing pre-2023 judgments will continue to refer to IPC sections; cases filed after the BNS came into force cite the BNS.
PMLA 2002: when forgery becomes money laundering
The Prevention of Money Laundering Act, 2002 (PMLA), comes into play when forged documents are used to disguise the source of criminal proceeds. A forged ID used to open a mule account, a forged invoice used to layer transactions, or a forged property deed used to park funds all fall within PMLA scope. PMLA penalties are independent and additive: forgery prosecuted under BNS 336 plus money laundering prosecuted under PMLA can run concurrently.
IT Act 2000: digital forgery provisions
Section 65 (tampering with computer source documents) and Section 66 (computer-related offenses, including identity theft) of the Information Technology Act, 2000, cover the digital end of forgery. Sections 66C and 66D specifically cover identity theft and cheating by personation using a computer resource, both common modes for using forged documents. The IT Act and BNS apply together where digital forgery is involved, with sentences typically ordered to run concurrently.
What this means for risk teams
Indian enforcement is treating digital document forgery as a mainstream priority. The November 2025 conviction of a senior political figure to seven years for obtaining two PAN cards on forged documents shows the courts using the new BNS provisions in real cases. For banks, NBFCs, and fintechs, the practical implication is that a customer flagged for forged documents is now a clearly prosecutable matter, not a gray area. Internal SAR (suspicious activity report) workflows and reporting to FIU-IND should reflect that. Read Indian forgery laws and penalties for the full statutory walkthrough including case law.
Different types of document forgery
Recognizing the methods helps risk teams design controls that match the threat. Seven recurring types account for the vast majority of cases.
1. Creating counterfeit documents
Producing a counterfeit means reproducing a legitimate document as closely as possible, often mimicking security features like holograms, watermarks, or security threads. Specialized printing tools and templates circulate on dark-web markets, and the skill ceiling has dropped sharply. Passports, identity cards, foreign currencies, and legal papers with official seals are the most frequently counterfeited documents.
2. Manual forgery and physical alteration
Manual forgery involves physically altering information on an existing document: erasing text, using correction fluid, or cutting and pasting sections to modify content. The changes can be subtle but distort the document’s intent completely. Bank statements with edited income figures and educational certificates with modified grades are common examples.
3. Electronic manipulation
Digital forgeries are now the dominant mode. Off-the-shelf editors (Photoshop, GIMP, PDF editors) cover the bulk of routine tampering: changing a date, swapping a photo, editing an income figure on a payslip. Detection has shifted to pixel-level forensics because the visual edits often pass casual review. Examples include altered passports, fake driver’s licenses, and tampered digital signatures.
4. Document assembly
Document assembly stitches legitimate elements from multiple documents into one new artifact: header from one document, signature from another, body text from a third. The result looks authentic on a quick scan but fails layout-consistency checks. Both physical (cut-and-paste) and digital (compositing) variants exist.
5. Blank document theft and impersonation
Blank stealing involves taking blank forms of official documents (certificates, cheques, letterheads) and filling them with false information. Because the blank forms are genuine, the resulting documents pass surface inspection. The forgery succeeds because the format is real, even though the data is not.
6. Signature and handwriting forgery
Forging a signature is one of the oldest forms of document fraud and still one of the most common. There are three approaches. Traced signatures copy the visible outline of a real signature using a light source or transparent overlay; they look correct on paper but lack the natural pressure and speed of the original. Simulated signatures are practiced freehand until the forger can reproduce the shape from memory; they tend to show hesitation marks and uneven flow. Freehand forgery, where the fraudster invents a signature without reference to a real one, is the easiest to detect because it shares no traits with the genuine sample. Modern tools score signatures on pressure, speed, and stroke order, not just shape, which makes traced and simulated forgeries easier to flag.
7. Deepfake and synthetic-document forgery
This is the 2026 frontier. Instead of altering a real document or copying a template, fraudsters generate the document end-to-end with AI. Three patterns are dominating this:
AI-generated ID photos use diffusion models to produce a face that does not exist, then place it inside a real or templated ID layout.
Face-swapped passport photos transplant a real applicant’s face onto a stolen or invented document.
Fully synthetic certificates generate the entire artifact from scratch, including layout, fonts, watermarks, stamp impressions, and signature. None of these documents has a real-world source record, so traditional signature comparison and template matching catch them inconsistently. Detection requires AI-artifact analysis, deepfake examples, and cross-checks against issuer databases where available.
Tampering vs forgery vs deepfake: what’s the difference?
Three categories sit beside each other in production fraud detection. Each needs different controls.
Document tampering is post-issuance modification of a genuine document. Examples include changing names, amounts, dates, photographs, or addresses on an otherwise legitimate ID, bank statement, or certificate. Tampering preserves the original structure, which is why it often evades casual visual review.
Document forgery is the creation of an entirely fake document or imitation of an official format without a valid source record. This includes fabricated IDs, counterfeit certificates, and synthetic PDFs designed to resemble legitimate issuers.
Deepfake documents are generated or altered using AI-based synthesis: GANs or diffusion models for ID photos, cloned signatures, or fully synthetic documents designed to bypass manual and rule-based checks.
Why this distinction matters in 2026
Tampering still accounts for the largest share of document fraud at scale, but synthetic forgery is the fastest-growing category. Open-source diffusion models can now generate a passable Indian PAN card, an EU national ID, or a US bank statement in under a minute, with realistic fonts, watermarks, and even stamped seal patterns. Detection cannot rely on visual inspection alone. Banks, fintechs, and insurers need layered controls: pixel forensics for tampering, template and issuer-pattern matching for full forgeries, and AI-artifact detection for synthetic documents. A single check no longer covers the threat surface.
How fraudsters create forged documents
Forgery has become more accessible in the last three years. The traditional toolkit and the GenAI toolkit now coexist, and fraud teams need to understand both.
The traditional toolkit
Most forgery still happens with off-the-shelf tools. Photoshop, GIMP, and PDF editors cover the bulk of routine tampering: changing a date, swapping a photo, editing an income figure on a payslip. Templates of common ID documents circulate on dark-web forums, often sold with a font pack and an issuer-stamp library. For physical documents, fraudsters use light tables to trace signatures and high-resolution printers to reproduce holograms and security threads. The skill ceiling here is low. A motivated amateur can produce a convincing fake bank statement in an evening.
The 2026 GenAI toolkit
Generative AI has compressed the time and skill needed to produce a high-quality forgery. Three tools matter most. Diffusion models generate realistic ID-quality photos from a text prompt or a reference face, including matched lighting and head angle. Large language models populate templated documents with plausible text: bank statement transactions that match a target income, employer letters with the right tone for a given industry, certificates that mirror real institutions’ phrasing. Layout-matching scripts automate the visual fidelity step, applying the correct font, spacing, watermark position, and seal placement for a known issuer. Combined, these tools produce documents that no longer look “AI-generated” to the human eye.
Forgery-as-a-service operations have already commercialized these tools. Fraud rings in India, Southeast Asia, and Eastern Europe sell synthetic Aadhaar, PAN, and passport scans on Telegram for under USD 50 per document, with delivery in minutes. The economics now favor the attacker, which is why detection has to scale through automation rather than human review.
Country-by-country penalties for document forgery
Document forgery penalties vary widely. The legal and monetary consequences are often severe, given the harm these crimes cause across financial, governmental, and personal records.
India: BNS 336 and adjacent statutes
Detailed in the section above. Simple forgery: up to 2 years. Forgery to cheat: up to 7 years. Forgery of valuable documents: up to 10 years or life. PMLA, IT Act, and Consumer Protection Act provisions apply alongside BNS where relevant.
United States
Document forgery in the US is prosecuted under multiple federal laws. Title 18, U.S. Code, Section 471 addresses counterfeiting; Section 1028 covers creating or using false identity documents. Forging federal documents like immigration papers or Social Security cards can carry sentences up to 15 years. Section 1344, addressing financial fraud, can result in sentences up to 20 years.
United Kingdom
The Forgery and Counterfeiting Act 1981 covers creation, alteration, or use of forged documents. Penalties run up to 10 years’ imprisonment, with harsher terms for identity-document forgery used in identity theft.
Germany
Section 267 of the German Criminal Code (Strafgesetzbuch, StGB) addresses creation, alteration, or falsification of documents. Penalties range from fines to 5 years’ imprisonment, with longer terms for organized crime or significant financial harm.
France
Article 441-1 of the French Penal Code defines forgery as altering the truth of a document in a way that can harm others. Penalties run from 5 to 10 years’ imprisonment for public or legal documents, with stiffer terms for passports and government certificates used in fraud.
Canada
Section 366 of the Canadian Criminal Code defines forgery broadly and provides up to 14 years’ imprisonment for serious offenses. Section 368 covers using forged documents and carries similar penalties.
Australia
Section 144.1 of the Criminal Code Act 1995 covers Commonwealth documents (passports, visas) and provides up to 10 years’ imprisonment. Forgeries linked to financial institutions carry separate penalty structures based on damage caused.
Japan
Articles 158 and 159 of the Japanese Penal Code address public and private document forgery respectively. Private document forgery carries up to 5 years; public document forgery (passports, government certificates, identity documents) carries up to 10 years.
How to spot a forged document: human-eye checks
Identifying forged documents starts with structured visual inspection. Three checks cover most surface-level forgery.
Signature comparison and writing style
Comparing a suspect signature against authenticated samples remains effective for routine cases. Forensic examiners look for hesitation marks, pressure variation, stroke speed, and consistency with the signer’s other authenticated work. The Frank Abagnale check-fraud cases that defined the field rested on exactly this work: pattern deviations across thousands of attempted signatures eventually surfaced as actionable evidence. Modern signature analysis tools score on pressure, speed, and stroke order, catching traced and simulated forgeries that pass visual review.
Context and consistency checks
Fraudsters often produce forgeries that don’t fit the surrounding context. Mismatched dates, inconsistencies with timeline events, outdated forms, or missing security features (microprinting, holograms) all surface during routine review. A government ID without the issuer’s expected security features is one of the simpler tells.
When to escalate to a forensic examiner
Some cases need forensic-grade analysis. Examiners use specialized tools to analyze inks, paper fibers, and layered structures invisible to the naked eye. The classic Howard Hughes forged-autobiography case turned on ink dating: chemical analysis showed the ink used in a contract was manufactured decades after the contract’s claimed date.
How modern KYC tools detect tampering and forgery
Vendors at scale publish concrete impact data. G2 Risk Solutions reports over 15 million documents analyzed, 90% of manual reviews eliminated, more than 1,000 foiled fraud attempts per day, and over 500 detectors used to find anomalies, with full document analysis completed in under 30 seconds. The numbers are G2’s, not ours. They show what bank-grade forgery detection looks like at production scale, and what a buyer should benchmark against.
Modern KYC tools stack six detection techniques.
1. Pixel-level image forensics
AI models analyze compression artifacts, noise patterns, and edge inconsistencies to detect regions that have been digitally edited, pasted, or overwritten. Cloned photo regions, copy-move edits, splice boundaries, and Error Level Analysis (ELA) anomalies all surface at pixel granularity, including edits that are visually invisible.
2. Font, spacing, and alignment analysis
Tampered fields often introduce subtle deviations in font weight, kerning, line spacing, or character alignment that differ from the original issuer template. A bank statement with one row of transactions in a slightly different font weight is a near-certain edit.
3. Layout and template consistency checks
Documents are compared against known issuer layouts (IDs, bank statements, payslips). Any deviation in field position, formatting hierarchy, or structural geometry is flagged. Issuer templates are versioned over time, and modern tools track version history to avoid false positives on legitimately updated layouts.
4. Metadata and file integrity signals
EXIF data, software fingerprints, edit histories, checksum mismatches, and rendering anomalies indicate post-generation modification. A passport scan with EXIF showing “Adobe Photoshop” is a flag; one with EXIF stripped entirely is a different kind of flag.
5. Cross-field logical validation
AI systems verify whether fields logically align: address against pincode, employer against income range, document date against issuance authority. Tampering that passes pixel-level checks often fails logical validation because the fraudster edited one field without updating the dependents.
6. NFC chip read for e-passports and smart IDs
Modern passports and many national IDs carry an NFC chip with a signed copy of the holder’s biographic data, photo, and biometric template. Reading the chip directly using a phone’s NFC sensor and verifying the issuer’s signature confirms authenticity at the cryptographic level. This catches forgeries that defeat all visual checks: a perfectly printed fake passport will fail the chip read because the forger cannot replicate the issuer’s private key. NFC support is now standard in EU and UK passports, mandatory for new Indian e-passports issued from 2024 onward, and supported across most modern smartphones.
Together, these techniques detect both visible and invisible tampering with high precision. The threat-coverage matrix:
| Threat | What it involves | Can KYC tools detect it? | Primary detection method |
|---|---|---|---|
| Document tampering | Editing fields on genuine documents | Yes | Image forensics, layout checks, metadata analysis |
| Full forgery | Completely fake documents | Yes | Template matching, issuer validation |
| AI-generated deepfakes | Synthetic documents or images | Yes | AI artifact detection, anomaly scoring |
| Screenshot reuse | Photos of printed or displayed documents | Yes | Moiré detection, resolution analysis |
| Partial data replacement | Changing select values only | Yes | Cross-field logic validation |
A layered prevention playbook
No single check stops document forgery. The defenses that work in production stack six layers, each catching what the previous layer missed. We’ve framed this for Indian onboarding workflows, but the structure applies globally.
Layer 1: Predetermine the accepted document set
Decide upfront which documents you will accept for which purpose. Aadhaar, PAN, passport, voter ID, and driving license cover most Indian KYC use cases. Restricting the input set narrows the threat surface and lets downstream checks specialize. Officially valid documents under RBI KYC lists what regulators accept; align your accepted set with that, not with whatever a customer submits.
Layer 2: Tamper screening at upload
Run pixel-level forensics, font and layout consistency, and metadata checks on every document at the moment it is uploaded. This is where most tampering and most synthetic forgeries are caught. Document verification tools handle this layer at scale.
Layer 3: Face match between the document photo and the live capture
Compare the face on the document with a live selfie taken at onboarding. This catches the case where a real document is paired with the wrong person. Modern face match works in under a second and is robust to lighting, angle, and aging within a reasonable window.
Layer 4: Liveness check
Confirm that the live capture is a real person in front of the camera, not a photo, video, or face spoofing attempt. A liveness check closes the loop on synthetic-photo attacks. Passive liveness (single frame, no user gesture) is the standard for low-friction flows.
Layer 5: NFC read where supported
For e-passports and chip-enabled IDs, read the NFC chip directly. The chip carries a cryptographically signed copy of the holder’s data and photo, signed by the issuer. If the chip read succeeds and the signature verifies, the document is authentic by definition; tampering with the chip is far harder than tampering with the printed surface. NFC adoption is high in EU passports and growing in Indian e-passports rolled out from 2024.
Layer 6: Cross-reference with identity data
Cross-check the document against authoritative identity sources: Aadhaar, PAN, GST, credit-bureau records. A forged PAN with a real-looking number will fail a live PAN-NSDL check. A forged GST will fail a GSTIN lookup. This layer turns identity verification from a one-time document scan into a live, source-of-truth confirmation. It is the layer most resistant to AI-generated forgeries because it does not rely on the document’s appearance at all.
Industries most affected by document forgery
Document forgery is not evenly distributed. A handful of sectors absorb most of the loss because they rely on customer-submitted documents to make underwriting, eligibility, or access decisions in real time.
Banking, NBFCs, and fintech
Lenders see the highest dollar value of forgery losses. Forged income proofs, doctored bank statements, and synthetic IDs flow into loan and credit applications, especially in unsecured and personal lending. The losses compound: a forged ID at onboarding becomes a delinquent loan in collections, and the fraudster has often disappeared by then. Bank statement analysis and cross-document consistency checks are now standard controls in retail credit. See types of financial fraud and deepfake banking fraud for related risk patterns.
Insurance
Claims fraud and onboarding fraud both run on forged documents. Inflated medical bills, doctored repair invoices, fabricated death certificates, and forged proofs of ownership all show up in claims. On the onboarding side, forged identity documents create policies that exist to be claimed against later. Insurers now run insurance fraud detection at policy issue and at claim, with stronger document checks at both points.
Telecom
SIM activation fraud uses forged government IDs to issue connections in someone else’s name, often to be used in vishing, OTP interception, or laundering. Indian telcos run mandatory KYC at activation, but the volume is high enough that even a 1% slip rate translates to hundreds of thousands of fraudulent SIMs per year.
eCommerce, gig platforms, and marketplaces
Seller onboarding, gig-worker onboarding, and high-value buyer verification all rely on documents. Forged GST registrations, fake driving licenses for delivery roles, and counterfeit business proofs surface routinely. Marketplaces face a tradeoff: friction at onboarding reduces fraud but also reduces conversion, so most operate layered controls that escalate scrutiny only on flagged accounts.
Education
Credential and transcript forgery is widespread in admissions, hiring, and visa applications. Fake degree certificates from real universities, transcripts with altered grades, and entirely fabricated qualifications from non-existent institutions all circulate. Education sector fraud is harder to detect because there is no central registry to cross-check, and it often only surfaces at hire or visa interview.
Advanced security technologies in document trust
Layered detection pairs with prevention technologies that make forgery harder to begin with.
Biometric signature verification
Biometric signature systems analyze unique handwriting traits (pressure, speed, stroke order) alongside visual appearance. Real-time signatures are compared with stored profiles, making forgery far harder, particularly in banking and legal sectors where authenticity is critical.
Digital signatures and PKI
Digital signatures use cryptographic methods to secure electronic documents. Once signed, a document cannot be altered without the signature breaking. Digital signatures also authenticate the signer, and they comply with legal frameworks like eIDAS (EU) and the ESIGN Act (US).
Blockchain-anchored credentials
Blockchain-based authentication leverages decentralized ledgers to create tamper-proof records of transactions and documents. Storing signatures and key documents on a blockchain ensures records cannot be altered after creation, which is valuable for legal, financial, and governmental applications where document integrity is critical.
Secure capture pads and tamper-evident packaging
Secure signature pads capture biometric data (pressure, speed, motion) as the signature is made, creating a unique digital profile per signer. Tamper-evident packaging adds a physical layer for documents that move between custodians.
Protect your business from forged documents
Document forgery threatens every business that onboards customers, issues credit, processes claims, or activates services on the basis of submitted documents. The threat surface has expanded with generative AI, and detection has had to expand with it: layered controls, AI-artifact detection, NFC chip reads, and live cross-references with authoritative identity sources.
HyperVerge runs production document verification across banks, NBFCs, fintechs, insurers, gaming platforms, and telecom operators in India and globally. Talk to our team about document fraud defense to see how the layered model works in your onboarding flow. Talk to our team.
FAQs
What is document forgery?
Document forgery is the act of making, altering, or using a false document or electronic record with intent to deceive. It includes counterfeiting, alteration of genuine documents, signature forgery, document assembly from multiple sources, and AI-generated synthetic documents. Indian law treats forged digital records the same as forged physical documents under Section 336 of the Bharatiya Nyaya Sanhita, 2023.
What are the types of document forgery?
Seven recurring types account for almost all cases: counterfeit documents, manual physical alteration, electronic manipulation, document assembly, blank document theft, signature and handwriting forgery, and deepfake or synthetic-document forgery generated by AI.
How is document forgery detected?
Modern detection stacks six techniques: pixel-level image forensics, font and spacing analysis, layout and template consistency checks, metadata and file integrity signals, cross-field logical validation, and NFC chip reads for e-passports and smart IDs. Together, these catch tampering, full forgery, and AI-generated synthetic documents at production scale.
What is the punishment for document forgery in India?
Under Section 336 of the Bharatiya Nyaya Sanhita (BNS), 2023, simple forgery carries up to 2 years’ imprisonment. Forgery committed to cheat carries up to 7 years. Forgery of court records, public registers, or valuable documents carries longer sentences, and forgery used in money laundering attracts additional penalties under the PMLA, 2002. The BNS treats forged digital records the same as forged physical documents.
What is the difference between forgery and counterfeit?
Counterfeit means producing an imitation of a genuine document or item, often with security features replicated. Forgery is broader: it covers creating a false document, altering a genuine one without authority, or using a false document with intent to deceive. Counterfeit is one type of forgery; not all forgery is counterfeit.
How do you prove document forgery?
Proving forgery typically requires documentary evidence (original vs altered versions), forensic examination of the suspect document, and contextual evidence (timeline, custody chain, intent). For digital forgeries, pixel-level forensics, metadata analysis, and AI-artifact detection produce evidence admissible in court. India’s BNS and IT Act both recognize digital forensic evidence.
Can digital documents be forged?
Yes. Digital documents are forged frequently, often through PDF editing, image manipulation, or AI-generated synthesis. Indian law (BNS 336 and IT Act 2000) treats forged digital records identically to forged physical documents. Detection has shifted to pixel-level forensics, metadata analysis, and AI-artifact detection because visual review alone misses most digital forgery.
What is traced forgery?
Traced forgery is a type of signature forgery where the fraudster places a transparent sheet over a real signature and copies the outline directly. The result looks visually similar to the genuine signature but lacks the natural pressure variation, speed, and stroke order of the original. Modern signature analysis tools that score on pressure and stroke dynamics flag traced forgeries reliably.
