On-device · iOS · Gemma 4

Scam detection that never leaves your phone.

GemScan checks suspicious messages, links, and screenshots for scams in seconds. Every model runs locally on your iPhone — nothing is uploaded, nothing is logged.

Join the TestFlight beta See the demo View on GitHub →

Why this exists

The people most targeted by scams are the ones today's defences fail. We built something different.

In 2023, a mother in Arizona answered her phone and heard her daughter screaming. The voice was indistinguishable — a three-second clip scraped from social media was all it took to clone it.

The daughter was safe at home.

That same year, the FBI logged $16.6 B in US fraud losses, up 33% year over year. Elders accounted for $4.9 B. Cloud-based filters ship your private conversations to a server to find these scams. GemScan was built on a simpler bet: the people most at risk deserve protection that runs on the phone they already own.

US fraud losses, reported

FBI IC3 annual reports, in billions of USD

What it does

Five things you can do in the app today. Every one runs locally.

Analyse text

Paste a message or URL, tap Check this. Get a verdict, confidence, and the reasons behind it.

Add a picture

Pick a screenshot. Apple Vision pulls the text out, then the scam classifier runs on it.

Share Extension

From Messages, Mail, or Safari — tap Share → GemScan to send any text, link, or image straight into the analyser.

History

Every check is saved on-device with month-to-date and year-to-date totals. Tap any row to revisit it.

Learn

A browsable guide to the eight most common scam patterns — phishing, sextortion, romance, investment, imposter, employment, shopping, malware.

Demo walkthrough

Watch the 90-second tour below, then follow along on your own simulator using the strings in each step.

1

First-time setup

Open the Settings tab and tap Download model — about 5 minutes on Wi-Fi to pull the Gemma 4 E2B weights (~2 GB). The weights live on the phone from then on; every subsequent launch is instant.

Settings screen with download model
2

Launch

From the home screen, paste a suspicious message into the input area or pick a screenshot from your library. Everything kicks off from one place.

Home screen
3

Paste a suspicious message

Type or paste any message into the input area and tap Check this. GemScan returns a verdict in seconds with reasoning you can read out loud.

Try this Your package could not be delivered. Confirm address: usps-redelivery.shop/track
Expected verdict: SCAM
Analyse screen showing a scam verdict
4

Check a screenshot

Two ways to get an image into GemScan. From inside the app, tap Add a picture and pick a screenshot of a suspicious text from your library. Apple Vision OCR extracts the text, then the same scam classifier runs on it. The image itself is never uploaded.

Image analysis screen
5

Or share straight from Photos

Already looking at a suspicious screenshot in the Photos app? Tap the system Share button and pick GemScan. The Share Extension hands the image to the main app, runs OCR, and analyses the extracted text automatically — no copy-paste, no switching back and forth.

iOS share sheet sending an image to GemScan
6

History & metrics

The History tab tracks everything you've checked, with month-to-date and year-to-date counts of analyses, scams, and suspicious items. Tap any past check to view the full verdict again. All on-device.

History tab with monthly and yearly totals
7

Learn what to look for

The Learn tab is a browsable guide to the eight most common scam patterns — phishing, sextortion, romance, investment, imposter, employment, shopping, malware — each with red flags, how-it-works, and what to do.

Learn tab with scam pattern explanations

How it works

One on-device pipeline. A Swift orchestrator picks the right specialist, runs Gemma 4 E2B through Apple's MLX framework, and renders the structured verdict in the WebView UI.

%%{init: {'theme':'base','themeVariables':{'primaryColor':'#ffffff','primaryBorderColor':'#d8d4c8','primaryTextColor':'#0e1626','lineColor':'#4a5468','fontFamily':'Inter, system-ui, sans-serif','fontSize':'14px'}}}%%
flowchart LR
  UI["Text / URL / Image\npaste · pick · share"]
  CAP["Capacitor 6\nTS ⇄ Swift"]
  ORCH["OrchestratorAgent\npicks specialist"]:::accent
  TA["TextAgent"]
  UA["URLAgent"]
  IA["ImageAgent"]
  OCR["Apple Vision OCR"]
  MODEL["Gemma 4 E2B Instruct\n4-bit · MLX-Swift on Apple Silicon GPU\ngrammar-constrained sampling"]:::model
  V["Verdict\nsafe · suspicious · scam\n+ confidence and reasoning"]

  UI --> CAP --> ORCH
  ORCH --> TA & UA & IA
  IA --> OCR
  TA --> MODEL
  UA --> MODEL
  OCR --> MODEL
  MODEL --> V

  classDef accent fill:#e8efff,stroke:#004aad,color:#0e1626,stroke-width:1.5px;
  classDef model fill:#dbe6f9,stroke:#003782,color:#0e1626,stroke-width:2.5px;
        

Privacy boundaryNo network calls during analysis · weights cached on-device after one-time download · history stored only in localStorage

Performance & footprint

What it costs to run GemScan on the device, and what you get back.

Where the time goes

Typical end-to-end latency on iPhone 15 Pro, short SMS prompt

~2 GB
Model size
Gemma 4 E2B, 4-bit quantised
0
Network calls
during analysis
~2.5 s
Median verdict
warm model, short prompt
~12 tok/s
Generation
MLX-Swift on A17 Pro GPU

Numbers are typical for an iPhone 15 Pro running the default E2B configuration; replace with your own measurements before judging.

Try it yourself

Two paths: a web mock that runs in your browser, or the real iOS app.

🌐 Web mock (no Xcode needed)

The Next.js UI runs against a deterministic mock plugin. Every screen and every flow is reachable.

git clone https://github.com/GemScan/GemScan
cd GemScan && npm install
npm run dev
# open http://localhost:3000

📱 iOS build

Requires Xcode 15.3+ and an Apple Developer account (free is fine). On first launch, open Settings → Download model to pull the Gemma 4 E2B weights (~2 GB from Hugging Face, <5 min on Wi-Fi). They're cached on-device after that.

npm install
npm run build
npx cap sync ios
npx cap open ios
# in Xcode: pick a device, ⌘R

The team

Built by a small group set on putting on-device scam protection in everyone's pocket.

Team GemScan

Shashank (left) and Scott (right), the GemScan team!

Privacy policy

Plain English. Last updated 18 May 2026.

The short version

GemScan analyses everything you check entirely on your iPhone. The content you analyse — messages, links, screenshots, voice clips — is never uploaded, never stored on a server, and never used to train any model. There are no accounts, no analytics, no advertising SDKs, and no third-party trackers.

Who runs GemScan

GemScan is an independent open-source project by two students, Shashank and Scott.

What we collect

Nothing leaves your device. All scam analysis — text, URL pattern checks, OCR on images, voice-clip features — runs locally on your iPhone using Gemma 4 model weights cached on the device and Apple's on-device Vision and Speech frameworks. We do not operate any server that receives content you analyse.

What's stored on your device

  • History of checks — the messages you've analysed, the verdicts, and timestamps are stored in your device's local web storage (localStorage). You can clear the entire history at any time from Settings → Clear history. Uninstalling the app also removes it.
  • Gemma 4 model weights — roughly 2 GB, downloaded once on first launch and cached in the app's sandbox under Library/Caches/huggingface/hub/. Removed if you uninstall the app.
  • App preferences — voice toggles, accessibility settings, and Guardian Mode trusted contacts (if you opt in) are stored only on the device.

Network activity

  • One-time model download: on first launch, after you tap Settings → Download model, the app fetches the Gemma 4 E2B weights from huggingface.co. This is the only network call the app makes for its core function.
  • No background telemetry, no analytics, no crash reporting. We do not use Firebase, Google Analytics, Sentry, Adjust, Facebook SDK, Branch, or any other behavioural-tracking SDK.
  • URLs are not fetched. When you ask GemScan to check a link, the on-device model inspects the URL string for scam patterns; it does not open the page or send the URL to any third party.

Permissions GemScan asks for

iOS prompts you the first time each is needed. You can revoke any of them later in System Settings → GemScan. None of them transmit data off the device.

  • Photo library — when you tap Add a picture. Only the image you pick is read; the rest of your library is not enumerated.
  • Camera — when you choose to snap a picture of a suspicious message in the app.
  • Microphone — only when you start a voice-call analysis session. Audio is processed on-device and discarded immediately after analysis.
  • Contacts — only if you opt in to Guardian Mode and choose trusted contacts. Contact data never leaves the device.

Third parties

  • Hugging Face — distributes the Gemma 4 model weights. The one-time download from huggingface.co is subject to their privacy policy. They receive only the standard request metadata (IP address, user-agent) needed to serve the download.
  • Apple — standard App Store distribution and on-device frameworks (Vision, Speech, MLX). Subject to Apple's privacy policy.
  • No other third-party services are integrated into the app.

Children's privacy

The app contains scam-education content (including references to financial, romance, and sextortion scams) that is generally appropriate for users aged 13 and up. We do not knowingly collect any personal information from anyone, including children — because we collect no personal information at all.

Your rights

Because we collect, store, and process nothing off your device, there is no account to delete, no profile to export, and no third party to revoke. To fully erase everything GemScan stores, uninstall the app from your iPhone (Settings → General → iPhone Storage → GemScan → Delete App). If you have any privacy question or request regardless, please raise an issue on our public GitHub repo.

Security

Model weights are downloaded over HTTPS. App Transport Security is enabled with arbitrary loads disabled (no plain-HTTP traffic). The app sandbox isolates the cached model and history from other apps on your device.

Changes to this policy

If the policy changes, the updated version will appear at this URL with a new "Last updated" date. Material changes will additionally be surfaced in the app on next launch.

A canonical copy of this policy lives at gemscan.github.io/GemScan/#privacy — that is the URL to provide to Apple App Store Connect.