Building a Fake Job Candidate Detection System in 4 Hours: How Sardine Can Fight AI-Powered Job Fraud
As remote jobs become more common and AI is getting better, there is a rise in fake job candidates. Gartner estimates 1 in 4 job candidates will be fake by 2028 (!)
This is a real problem we are facing today as well. Our recruiting team has to spend a lot of time reviewing those applications. That’s why Chandni, our head of talent and people, and I decided to tag-team to fix this problem.
Demo
After 4 hours of coding, I had a working prototype. I ran it against incoming job applications for one day, and was able to flag suspicious job applications. See the following demo video to understand this better:
Technical Architecture
This is the architecture diagram of the two-step system we built.
The two steps are:
- Job application screening: When candidates apply for the job, we automatically screen them based on their resume and details submitted through their job application.
- Interview screening. Second, if the candidates pass the resume screen, we capture additional device intelligence when they click the meeting invite link.
I’ll explain details in the following sections.


Step 1: Job application screening
We use Ashby as our ATS (Applicant Tracking System). Ashby and other ATS (such as greenhouse and lever) provide webhooks to notify third-party systems when a new application is created.
I built a simple Cloud run function that ingests these webhooks. Webhook payload contains information such as the candidate’s name, email, phone number, and IP address. Since Sardine already has identity fraud prevention capabilities, I just needed to call the existing Sardine API here. I used cursor for coding, and because we already have MCP that knows our API, vibe coding Sardine API was pretty straightforward.
Based on information gathered during the application, Sardine can check various signals, including
- IP address
- If IP address country matches the job location
- IP address is VPN or proxy
- Reputation of IP address
- Email
- If email is new
- If email domain is disposable
- Phone number
- Phone is VOIP
- If phone number and name provided matches
- Graph-based features
- Does this phone number have many applications?
- Does this email address have many applications?
Once we get the risk assessment results from Sardine’s API, we can then call Ashby API to attach a note to the candidate's application.

Step 2: Interview link
Sardine already has proprietary device intelligence and behavior biometrics technology, and so my initial thinking was to integrate our web SDK into the application page to capture any suspicious device and behavior signals. However, it turns out Ashby (and many other ATSs) don’t allow embedding custom JavaScript into the application page. I could embed the job application page within the Sardine-hosted page (where we can track device data) via iframe, but there is no way to tie the information (that is, which frontend session is seen by the Sardine SDK corresponding to the particular job application?)
For that reason, I decided to work on a second project, which is a simple webpage that redirects applicants to meeting URLs (for example, Google Meet). This way, this intermediate site can capture the candidate’s device information with the Sardine SDK. I used bolt.new to generate a barebones static webpage.

After that, integrating the Sardine SDK is straightforward (note that, our documents are only available for existing Sardine clients. If you want to check it out, please contact us!).

Using Sardine’s Device SDK, now we can capture various information like:
- What is actual location behind the proxy?
- Is the screen remotely controlled?
- What is device’s fingerprint
These signals further enhance our fraud prevention capabilities.
Conclusion and future enhancement
We found that our technology can be applicable to detect fraudulent job applications using real-world data.
Here are additional ideas for future improvements:
- Implement a hosted job application page so we can also capture user’s behavior such as copy-and-paste and mouse movement.
- Ingest the resume PDF and check if it’s authentic.
- Have native integration within the ATS.
We’re excited with what we can achieve to solve this problem. If you want to solve fraudulent job applications, please contact us!