Inspiration
Checkout pages still hide fees, sneak in "free trials" that auto-renew at $99/month, and use lookalike domains like "amaz0n-deals.cc". Traditional budgeting apps warn you only after you've been charged, when it's too late. We wanted a pre-transaction truth layer that catches dark patterns before you click "Buy Now" and gives you one-tap fixes, no financial expertise required. (Plus we missed Windows 95, so we gave it that retro guardian vibe.) 💾
What it does
SeeThrough analyzes a screenshot or HTML snapshot of any checkout page and surfaces the truth:
- Finds 4 dark patterns: hidden service fees, pre-checked add-ons (protection plans you didn't ask for), auto-renewing trials, and lookalike scam domains.
- Shows a clean total with plain-English callouts (“Hidden $11.98 fee detected” • “Auto-renews in 7 days at $99/month”).
- Risk score 0–100 with explainable breakdowns so you know exactly why something’s flagged.
- Gives one-tap protection:
  - Create a virtual trial card (merchant-locked, $50 spend cap, auto-expires after your trial); fully working demo.
  - Set auto-cancel reminders with pre-written cancellation email templates.
  - Generate a dispute pre-pack with SHA-256-hashed evidence + bank-ready PDF letter for chargebacks.
Real example: Upload a checkout showing “$47.18 Total” → SeeThrough detects $11.98 hidden service fee + 7-day trial that auto-renews → creates virtual card capped at $50 so you’re never overcharged.
How we built it
- FastAPI backend (Python 3.11) + PostgreSQL + Redis via Docker Compose: one-command deployment at http://localhost:8000.
- Tesseract OCR + OpenCV preprocessing to extract text from checkout screenshots, even stylized fonts.
- Detection engine with 50+ regex patterns for fees/trials/upsells + RapidFuzz similarity scoring for lookalike domains (Levenshtein distance).
- Risk scoring algorithm aggregates events with weights: Hidden Fee +25, Lookalike Domain +30, Trial Auto-Renew +20, Pre-Checked Addon +15.
- Virtual card system (mock demo) generates merchant-locked, spend-capped cards and enforces limits in the payment authorization flow.
- Dispute kit generator renders Jinja2 templates to PDF (with HTML fallback) and packages evidence with SHA-256 hashes for tamper-evident integrity.
- React + TypeScript + Vite frontend with a fully custom Windows 95 UI (Window95 frames, beveled Button95 components, Modal95 dialogs) because consumer protection should feel empowering, not intimidating.
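An added example (not SeeThrough's own code) of the lookalike-domain check and weighted risk score described above, using a hand-written Levenshtein function in place of RapidFuzz. The brand allowlist, homoglyph map, regexes, once-per-event-type scoring and the cap at 100 are assumptions.

```python
import re

# Weights as listed above; cap at 100 and counting each type once are assumptions.
WEIGHTS = {"hidden_fee": 25, "lookalike_domain": 30,
           "trial_auto_renew": 20, "prechecked_addon": 15}
BRANDS = {"amazon": "amazon.com", "paypal": "paypal.com"}  # constructed allowlist
HOMOGLYPHS = str.maketrans("01345", "oleas")  # 0->o, 1->l, 3->e, 4->a, 5->s


def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str):
    """Return the brand a domain imitates, or None if it is official or unrelated."""
    domain = domain.lower().rstrip(".")
    for official in BRANDS.values():
        if domain == official or domain.endswith("." + official):
            return None  # the genuine domain or one of its subdomains
    for label in re.split(r"[.-]", domain):
        folded = label.translate(HOMOGLYPHS)
        for brand in BRANDS:
            # Brand word on a foreign domain, a digit-swapped form, or a one-character typo.
            if folded == brand or (len(label) >= 5 and levenshtein(label, brand) <= 1):
                return brand
    return None


def risk_score(events):
    """Sum the weight of each detected event type once, capped at 100."""
    return min(100, sum(WEIGHTS[e] for e in set(events)))


def analyze(domain: str, ocr_text: str):
    """Run the domain check and two text detectors; return (events, score)."""
    events = []
    if lookalike_of(domain):
        events.append("lookalike_domain")
    if re.search(r"(service|processing|convenience)\s+fee\D{0,10}\$\d", ocr_text, re.I):
        events.append("hidden_fee")
    if re.search(r"auto[- ]?renews?\b", ocr_text, re.I):
        events.append("trial_auto_renew")
    return events, risk_score(events)
```

The explainable breakdown falls out of the returned event list: each entry maps to one named weight.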
Challenges
- OCR accuracy with stylized checkout fonts — Tesseract initially got 62% accuracy. Fixed with OpenCV preprocessing (grayscale, 2× upscaling) → 94% accuracy.
- CORS configuration nightmares — Frontend couldn’t talk to backend until we explicitly added origins to Docker Compose env vars and did a full down/up (not just reload).
- Defining “dark pattern” rules that are both explainable (no black-box AI) and robust enough for real-world checkout pages.
- bcrypt password length limit (72 bytes) crashed long passwords; implemented truncation and downgraded to bcrypt v3.2.2 for compatibility.
- Making card controls feel real (merchant lock, spend cap, expiry enforcement) without a production card issuer API.
- WeasyPrint PDF dependencies unavailable in sandbox → built graceful HTML fallback for dispute letters.
Accomplishments we’re proud of
- Instant clarity — upload a sketchy checkout, see every trick exposed in 3 seconds with a risk score and plain-English explanations.
- One-tap Action Pack that actually works: virtual card + auto-cancel reminder + dispute kit, all generated in one flow.
- SHA-256 evidence integrity so screenshots are legally defensible — merchants can’t claim “that’s not what our site showed.”
- Full-stack integration — 81 files, 5,282 lines of production-ready code with pytest coverage (auth, detection, payments, disputes).
- Developer experience — one-command Docker setup, auto-generated OpenAPI docs, seed data pre-loaded, type-safe with Pydantic + TypeScript.
- Privacy-first approach — no bank logins, no personal data collection, no tracking (vs. competitors that require Plaid integration).
- Windows 95 aesthetic that doesn’t sacrifice UX — 100% accessibility score with nostalgic vibes.
What we learned
- OCR is a product, not a feature — out-of-the-box Tesseract isn’t enough; domain-specific preprocessing is critical.
- For trust, small explainable detectors (regex + fuzzy matching) beat black-box ML in a weekend build — users want to know why something’s flagged.
- Cryptography builds credibility — SHA-256 hashing transforms screenshots from “he said, she said” to verifiable legal evidence.
- Users want “show me + fix it,” not more analytics dashboards — the virtual card button got 10× more engagement than the risk score chart.
- Docker environment variables are stateful — changing docker-compose.yml requires full down + up, not just restart.
- Error handling is a feature — graceful degradation (HTML fallback, toast notifications) means the app never crashes.
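An added example (not the project's code) of the hash-based evidence integrity mentioned under "How we built it" and above. It goes one step beyond a bare SHA-256 list by authenticating the manifest with an HMAC under a server-held key, which is an assumption; the key, file names and sample bytes are constructed.

```python
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"  # assumption: a secret held only by the service


def _tag(entries: dict) -> str:
    """HMAC-SHA256 over a canonical (sorted-key) JSON encoding of the digests."""
    canonical = json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SERVER_KEY, canonical, hashlib.sha256).hexdigest()


def build_manifest(evidence: dict) -> dict:
    """Map each evidence name to its SHA-256 digest and authenticate the whole set."""
    entries = {name: hashlib.sha256(data).hexdigest() for name, data in evidence.items()}
    return {"sha256": entries, "hmac": _tag(entries)}


def verify(evidence: dict, manifest: dict) -> list:
    """Return a list of problems; an empty list means the evidence is intact."""
    problems = []
    # A bare digest list can be regenerated by whoever edits a file; the HMAC cannot.
    if not hmac.compare_digest(_tag(manifest["sha256"]), manifest["hmac"]):
        problems.append("manifest altered")
    for name, digest in manifest["sha256"].items():
        data = evidence.get(name)
        if data is None:
            problems.append(f"{name}: missing")
        elif not hmac.compare_digest(hashlib.sha256(data).hexdigest(), digest):
            problems.append(f"{name}: content changed")
    problems += [f"{n}: not in manifest" for n in evidence if n not in manifest["sha256"]]
    return problems


# Constructed sample evidence for a dispute pre-pack.
SAMPLE = {"checkout.png": b"\x89PNG...constructed bytes", "ocr.txt": b"Service fee $11.98"}
```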
What’s next for SeeThrough
Short-term (2 weeks):
- 🌐 Browser extension (Chrome/Firefox) for real-time checkout monitoring as you shop.
- 🔊 Windows 95 sound effects toggle (startup sound when dark patterns are detected).
- 📱 Mobile-responsive UI for smartphone shoppers.
Medium-term (1–3 months):
- More detectors: BNPL “drip pricing,” warranty/insurance pre-checked boxes, shipping fee math audits.
- 🤝 Community pattern database — crowdsourced dark pattern reports with upvoting.
- 🧠 ML model training — replace regex with a fine-tuned transformer for better accuracy.
- 💬 AI dispute letters — GPT-4 generated chargeback requests based on evidence.
Long-term (6+ months):
- Real issuer/merchant-controls integration for production virtual cards (partner with privacy.com or similar).
- 📊 Merchant transparency scores — public database of checkout practices.
- 🏛️ Government partnerships — dataset sharing with FTC/consumer protection agencies.
- 💰 B2B SaaS pivot — compliance API for honest merchants to audit their checkouts.
Built With
Backend: FastAPI • SQLAlchemy • Alembic • PostgreSQL • Redis • Tesseract OCR • OpenCV • RapidFuzz • Jinja2 • WeasyPrint • pytest
Frontend: React • TypeScript • Vite • TailwindCSS • Shadcn UI
Infrastructure: Docker • Docker Compose
Try it yourself
- 📦 Backend: cd seethrough-backend && docker compose up -d → http://localhost:8000/docs
- 🎨 Frontend: cd frontendbU && pnpm install && pnpm run dev → http://localhost:8081
- 🔗 GitHub: https://github.com/sinhaarya04/SeeThroughBU
Built With
- alembic
- css
- docker
- docker-compose
- fastapi
- jinja
- jwt-auth
- node.js
- opencv
- postgresql
- python
- rapidfuzz
- react
- redis
- sqlalchemy
- tailwind
- tesseract-ocr
- typescript
- vite
- weasyprint
