Last updated: July 17, 2026

PDF Redaction Extraction Test: Black Rectangle vs Removed Text

Redaction is not a cosmetic task. We generated two PDFs with the same synthetic account number. One covered the text with a black rectangle; the other applied a true redaction operation. Text extraction found the number in the visually covered file and did not find it in the redacted file.

The test files

Download the black-box cover sample and the true redaction sample. The synthetic number is 0000-1111-2222. It does not belong to a real account. It is intentionally distinctive so users can search, copy, and extract it.

Recorded result

FileLooks hiddenExtracted text contains number
Black-box coverYesYes
Applied redactionYesNo

The machine-readable result is available in synthetic-pdf-test-results.json. The black-box file retained 144 extracted characters and the synthetic number. The redacted file retained 95 characters but not the number.

Why the rectangle failed

The rectangle was drawn after the text. It hid the glyphs visually but did not delete the text drawing command. A viewer, extraction library, search tool, accessibility tool, or user who removes the covering object may still recover the content. The same problem can occur with white rectangles, highlights, blur images, annotations, and cropped screenshots.

What true redaction changes

A proper redaction operation identifies the target region, removes covered content from the page structure, and then applies a replacement appearance. The test used a PDF redaction operation and verified that the synthetic number was absent from extracted text. This does not certify every redaction tool or every document. Images, attachments, comments, metadata, hidden layers, and repeated content still need separate checks.

Failure case: the text appears elsewhere

A document may repeat the same identifier in a header, attachment, bookmark, annotation, OCR layer, or metadata field. Redacting one visible occurrence is not enough. Search the exported file for the full value and meaningful fragments. Inspect attachments and comments where the workflow supports them.

Failure case: scan and OCR mismatch

A scanned page can contain the sensitive value in pixels and an OCR text layer. Removing only the OCR text leaves the visible image. Covering only the image leaves the OCR layer. A safe process must address both and then verify the result.

When not to use JUST FREE PDF for redaction

JUST FREE PDF is not certified legal redaction software. Do not use a general editing overlay for court records, medical records, financial statements, identity documents, protected client files, public-record releases, discovery production, or any workflow where disclosure could cause harm. Use an approved redaction product and organizational review process.

A practical verification sequence

  1. Work on a copy, never the only original.
  2. Use a real redaction operation, not a rectangle.
  3. Save and reopen the exported copy.
  4. Search for the removed text and fragments.
  5. Try selecting and copying the covered region.
  6. Run text extraction if the document is high risk.
  7. Inspect metadata, comments, attachments, and OCR layers.
  8. Have another authorized person review the result.

Why the synthetic test matters

The result is directly reproducible and avoids using a real bank statement or private identifier. It demonstrates a concrete failure mode rather than relying on a generic warning. Users can download both files, compare appearance, run search, and confirm that visual similarity does not imply structural safety.

Repeat the test after every transformation

A redacted PDF may be resized, merged, printed, OCR-processed, or converted by another system before release. Each transformation can create a new text layer or preserve an earlier image unexpectedly. Run the search and extraction checks on the exact final file that will be delivered, not only on an intermediate export. If the recipient portal modifies the file, download the accepted copy when possible and inspect it again.

Use two-person review for consequential disclosure

For records where disclosure could harm a person or organization, one authorized reviewer should perform the redaction and another should independently search, select, copy, inspect metadata, and compare the release against the redaction list. The synthetic samples demonstrate the method, but high-risk release requires an approved process, trained reviewers, and documented sign-off.

Document the redaction target

For an approved redaction workflow, maintain a separate list of the exact words, numbers, images, pages, and attachments that must be removed. Review the final release against that list. Without a target record, a reviewer may confirm that one black box is safe while overlooking another occurrence on a different page.

A release copy should be reviewed from the exact download path the recipient will use, not from an earlier local draft.

Authorized use boundary

Use these tests only with documents you own or are authorized to handle. Do not use JUST FREE PDF to forge records, impersonate another person, deceptively change official documents, or bypass a required signing, filing, or approval workflow.