Question 26

Can MRZ scanning detect a forged or altered document?

MRZ scanning contributes meaningfully to fraud detection, but it's best understood as one layer in a broader authenticity check rather than a complete forgery detector on its own. The core mechanism is the check digit: several fields in the MRZ, like document number and date of birth, are followed by a digit calculated using a defined ICAO algorithm.

If a forger changes one of these fields without correctly recalculating its check digit, automated scanning will catch the mismatch immediately, since recomputing and comparing check digits is exactly what the extraction process does as a standard step.

Beyond check digits, cross-referencing the MRZ against the visual zone adds another layer. If the MRZ and the printed name, date of birth, or other fields disagree, that's a red flag regardless of whether either individual field passes its own check-digit validation, since a legitimate document should have identical data on both sides.

That said, a sophisticated forger who understands the ICAO check-digit algorithm could, in theory, alter data and correctly recalculate the corresponding digits, making the altered MRZ internally consistent on its own. This is exactly why MRZ-based checks are only one part of a complete document authenticity process, not the whole thing.

Physical security features, the specific paper stock, printing techniques, holograms, and other elements that are extremely difficult to replicate outside of official government printing, provide a separate layer of protection that doesn't depend on data consistency at all. For e-passports, the embedded RFID chip carries a digital signature that's cryptographically far harder to forge than printed text, providing yet another independent check.

So the honest, complete answer is: MRZ scanning, through check-digit validation and cross-referencing against the visual zone, catches a meaningful category of tampering and forgery attempts, particularly less sophisticated ones, but a genuinely thorough fraud-detection process layers MRZ checks together with physical security feature analysis, chip verification where available, and increasingly, document liveness detection to confirm a physical document is actually present rather than a photo of one.

ScanDoc's identity verification stack treats MRZ validation as one layer among several, combining it with visual zone cross-checks and OCR-based authenticity signals rather than presenting MRZ reading alone as a complete fraud-prevention solution, since no single check reliably catches every category of document fraud on its own.

Talk to a document scanning specialist

Have a specific integration question, or want to see how this fits your onboarding flow? The ScanDoc team is happy to help.