Counterfeiting can involve either simulation or emulation. When the counterfeiter just replicates the overall appearance of a document this is a simulation but when they attempt to replicate the security features of an authentic document, their optical effects, it turns into an emulation. Hence, Forensic Document Examiners need to know how to spot and demonstrate that what seems an authentic security feature is not, since there are cases where the counterfeiter makes a good emulation, which makes the widespread authentication techniques not useful for detecting it. That is why it is necessary to approach the analysis in a different way. Characterization of the features present on our known document will be our guide in order to distinguish the emulation in an objective way. This presentation will show several cases where I had to deal with banknotes and security document’s emulation. We will address good emulations of public security features which were detected with simple but unconventional methods.