Aegist Share

A 3-second AI Bodyguard against predatory SpyLoans. Detects dark patterns via Screenshot & Voice to protect the vulnerable.

Comment

The Inspiration: “It starts with a text…”

“If you don’t pay by 5 PM, we will call your boss and send photos to your parents.”

That sentence is not fiction. It mirrors the harassment tactics reported across Asia, Africa, and Latin America by predatory digital lending apps, often called SpyLoan apps.

Security researchers have documented large waves of these apps on Android, many using social engineering and excessive permissions to extort and shame borrowers. In late 2024, McAfee identified 15 SpyLoan apps on Google Play with more than 8 million total downloads, showing how quickly this threat scales even inside official app stores. (Sources: McAfee, The Hacker News)

The harm is not just financial. Borrowers report doxxing, blackmail, and “debt-shaming” campaigns aimed at family and employers. In Kenya and India, investigative reports link these harassment loops to severe mental health crises and suicides. (Sources: The Guardian, TechCrunch)

The core problem is not that victims need a six-month financial literacy course. The core problem is speed.

Predatory apps pressure people to consent before they understand the trap. Victims need a three-second bodyguard.

That is why we built Aegis Share: Counter-AI against AI scams.

What Aegis Share Does

Aegis Share is a browser-based Counter-AI bodyguard that detects predatory loan traps instantly through a screenshot or a short voice question. It is designed for the “Next Billion Users,” including people with low tech literacy or limited reading ability.

Key Capabilities:

  • Zero-install protection: Aegis runs in any mobile browser. When someone is panicking, they are unlikely to install a new app, but they will open a link sent by a trusted family member.
  • Three-second risk analysis: Upload a screenshot of a loan app screen and Aegis flags dark patterns such as urgency timers, “approval bait,” hidden fees, and dangerous permission requests. It returns a traffic-light risk result (Red / Yellow / Green) with a simple action plan.
  • Voice Guardian: Users can tap the microphone and ask one sentence, like “They want my contacts—is that okay?” Aegis interrupts with a clear spoken warning, designed for low-literacy users.
  • Safe Card: Aegis generates a shareable PNG evidence card. This allows families and communities to warn each other quickly, without needing anyone to click unfamiliar links.

Why This Matters

Predatory digital credit is exploding faster than consumer protection can keep up. Researchers have found hundreds of predatory lending apps across major app stores; in India alone, regulators identified nearly 600 illegal loan apps across Android stores. (Sources: Lookout, Help Net Security)

These apps lure users with “instant cash” and conceal the real cost. Studies of small-dollar digital loans show APRs commonly in the 300–400 percent range, sometimes far higher when fees are hidden in short repayment cycles. (Source: Trung Tâm Cho Vay Có Trách Nhiệm)

Because many victims are first-time smartphone users or have limited ability to read complex terms, existing protections fail. Aegis Share is built to close that gap by slowing the trap down at the exact moment it matters: before the consent click.

How We Built It

We built Aegis Share as a fast, layered warning system rather than a single “black box” scan.

  • Frontend: Next.js 14 and Tailwind CSS, mobile-first and high-contrast traffic-light UX for low-literacy users.
  • AI Core: A multimodal vision LLM analyzes the screenshot holistically, not just the text. It detects manipulative UI context (for example, tiny fee disclosures next to a huge “0% interest” button) and permission traps. A lightweight heuristic layer flags high-risk permissions (Contacts, SMS, Call Logs, Photos) as immediate red-flags to reduce hallucinations.
  • Voice Interface: Web Speech API handles transcription, and Speech Synthesis delivers direct spoken warnings in a short, interruptive style suited to crisis moments.
  • Privacy Architecture: Stateless by design. Screenshots and audio are processed in memory and discarded immediately. No data is stored or sold. The product protects users; it does not monetize them.

Challenges We Ran Into

  • Literacy barrier: Early versions relied on text warnings, which fails the exact users we aim to protect. We pivoted to voice-first warnings paired with simple Red/Yellow/Green visual cues to make risk obvious even without reading.
  • Latency vs. safety: In a real scam, a slow answer is a wrong answer. We optimized client-side image compression and structured JSON prompting to keep response time under three seconds.

What We Are Proud Of

  • A working Counter-AI prototype that reliably flags real scam patterns seen in SpyLoan screenshots and debt-shaming messages.
  • A privacy-first system that does not require vulnerable users to trade safety for surveillance.
  • A Voice Guardian that turns complex predatory terms into one-sentence, actionable warnings.

What’s Next

Aegis Share is the start of a digital immune system.

  • Phase 2: Offline Mode. We will explore on-device small language models via WebLLM/WebGPU so Aegis can run without internet in remote villages.
  • Community Blocklist. A decentralized reporting flow where every confirmed Red scan contributes to a living map of predatory apps, helping regulators, NGOs, and families respond faster than scammers can rebrand.

Disclaimer

Aegis provides safety warnings based on common predatory patterns. It is a protective layer, not a substitute for legal or financial advice.

Built With

Share this project:

Updates