Nosmai Effects Nosmai Moderation Nosmai Try-ons coming soon
docs / nosmai moderation / core concepts / security

Security

security · Group: Core concepts

Everything runs on the device

All moderation happens locally. Images, video frames and messages are analyzed on the device and are never uploaded, so there is no server that could store or leak user content. This is the core of how Nosmai handles data.

What leaves the device

Only one thing touches the network, and it carries no user content: the license check. On the first launch (and when the cached license expires) the SDK sends a small verify request with your license key, a device identifier, the platform, the SDK version, and your app's package name, bundle id, or domain. No image, frame, or message is ever part of that request.

After a successful check the result is cached, so later launches usually need no network at all.

Encrypted models

The detection models ship inside the SDK as encrypted files (AES-256-GCM). The decryption key is not bundled with the app: it is delivered inside the signed license at runtime, and the models are decrypted only in memory after a valid license check. A raw copy of a model file, taken from the app package or a CDN, is unusable ciphertext on its own.

License integrity

The license is a signed token (RS256). The SDK verifies the signature on the device against a pinned public key, so a fake or tampered response cannot unlock the models, and a key issued for a different app, domain, or platform is rejected.

Honest limits

On-device moderation is private and hard to scrape, but it is not tamper-proof against a determined, licensed attacker:

  • To run, a model must be decrypted in memory on a device that holds a valid license, so someone with that access can, with effort, reach it. Encryption stops casual and unlicensed extraction, not a motivated insider.
  • Because the check happens client-side, the content author's own app can choose to ignore a verdict.

For stricter guarantees, treat the on-device verdict as a fast first layer and enforce the decisions that matter (for example, whether a post is published) on your server as well. Contact Nosmai if you need per-license model keys so a leak can be traced and revoked.

Best practices

  • Use separate test and production license keys, and use the production key only in release builds.
  • Keep license keys out of source control and public repositories; treat them as app configuration.
  • On web, serve the model files from an origin you control and restrict access to your own domain.

[!NOTE] See Authentication for how license verification, caching and the offline grace period work.

Nosmai

We make advanced camera and AI technology accessible to every developer. By packaging hard problems into simple

developers
legal
newsletter

Product updates and release notes. No spam.

© 2026 nosmai, inc · all rights reserved