Skip to main content

LucidQR: See Before You Scan

QR codes are convenient—but they can also be dangerous. LucidQR analyzes QR codes on your device to help you spot phishing, malware, and suspicious links before you click.

The QR Code Problem

QR codes are everywhere—restaurant menus, payment terminals, event check-ins, product labels. But unlike a visible URL, you can't tell where a QR code leads until you've already scanned it.

  • Phishing attacks: Fake payment pages and credential harvesting
  • Malicious redirects: Links to malware downloads or exploit kits
  • Social engineering: Urgency tactics ("Scan now or your account expires!")
  • Physical tampering: Stickers placed over legitimate QR codes

How LucidQR Protects You

On-Device Analysis

All scanning and analysis happens locally on your device. No cloud uploads, no third-party tracking, no data collection.

Instant Risk Assessment

LucidQR evaluates URLs for known phishing patterns, suspicious domain names, excessive redirects, and other red flags—before you visit them.

Explainable Results

We don't just say "risky"—we show you why. See the actual URL, domain age, redirect chain, and specific warning signals.

Privacy-Preserving

Zero telemetry. Your scan history never leaves your device. We don't know what you scan, where you are, or who you are.

Cross-Platform

Available for iOS, Android, and desktop. Same privacy-first approach across all platforms.

Regular Updates

Pattern recognition models are updated regularly to catch new threat types. Updates are delivered securely and transparently.

See It In Action

📱 🔍 ✅

App Screenshots Coming Soon

Screenshots showing:

  • QR code scanning interface
  • Risk assessment results
  • Detailed explanation view
  • Settings and privacy controls

Download LucidQR

Mobile apps launching Q4 2025. Desktop apps planned for 2026 based on community demand.

Download on the App Store

Beta: December 2025

Get it on Google Play

Beta: December 2025

Desktop Apps

Vote for this feature →

Want early access? Join the beta testing program or vote on our roadmap to help prioritize features.

Frequently Asked Questions

Is LucidQR really private?

Yes. All QR code analysis happens on your device. We don't upload scanned codes, URLs, or any telemetry. Your scan history stays on your device and is never transmitted to GuardGraph or anyone else.

How does it detect risky QR codes?

LucidQR uses pattern recognition to identify suspicious URLs, including known phishing domains, excessive redirects, typosquatting, unusual port numbers, and other common threat indicators. The analysis models run entirely on-device.

Does it work offline?

Yes. The core scanning and risk assessment work without an internet connection. Optional threat intelligence updates require connectivity but are always optional.

Is it free?

LucidQR will have a free tier with core scanning features. Enterprise features (API access, centralized management, on-premise deployment) will be available via paid plans.

Can I use it for my business?

Yes! For business deployments, contact us to discuss your requirements. Enterprise features are on our roadmap.

How can I report a security issue?

Please email security@guardgraph.com. We respond to all security reports within 24 hours. See our Contact page for details.

Support LucidQR Development

LucidQR is ad-free and privacy-first. Help us keep it that way.

💖 GitHub Sponsors ☕ Buy Me a Coffee