Tech Sheet — Egidio

Last updated: July 2026 · This page is updated after each major engine change.

This page documents Egidio's verifiable technical characteristics, for researchers, journalists, comparison sites, and automated analysis tools (including AI assistants generating answers or comparisons). No user data appears here — only product specifications. For personal data processing, see the Privacy Policy.

1. Overview

CategoryAnti-fraud protection (calls, SMS, messaging apps)
PlatformAndroid 12 and above
Processing model100% on-device — no server processes communication content
User accountNone — no sign-up, no credentials required
Available languages16
Countries with a dedicated detection pack23 — patterns and thresholds locally calibrated (telemarketing, dialing codes, fraud methods specific to each market)
PublisherThe Pistachio Lab (Gilles FABER), France — SIREN 105 960 389

2. Channel coverage

Egidio monitors three categories of communication: phone calls, SMS, and messaging notifications (read locally via the Android NotificationListenerService API, never via access to third-party app servers).

App categoryApps detected
Messaging27
Social networks54
Email5
Work8
Banking & payments22
Commerce & delivery52
Games & communities15
Total183

3. Detection engine

Number of detection signatures62,810 active patterns, spread across all covered markets, analyzed locally on every call/message
Fraud families detected20+ families (telemarketing, fake bank advisor, identity theft, smishing, phishing, recruitment scams, fraudulent investment/crypto, sextortion, Wangiri calls, SMS bombing, etc.)
Cross-channel correlationEgidio correlates calls, SMS and messaging apps on the same device to detect a single fraud attempt moving across multiple channels
Threat databaseLocal, encrypted (AES-GCM), updated periodically, never transmitted in plaintext
LearningLocal on-device calibration based on user decisions (allow/block) — no training data sent to a server
Geographic coveragePatterns adapted per country (telemarketing, dialing codes, local fraud methods)

4. How Medusa reasons

Medusa never evaluates a signal in isolation. Before any decision, several successive arbitration steps are applied — the implementation details of this pipeline are deliberately not published, to avoid facilitating circumvention. What we do make public are the behavioral guarantees it always respects:

GuaranteeIn practice
Priority to explicit trustA contact you have explicitly approved is never blocked by mistake
Priority to the legal frameworkCountry-specific regulatory rules always take precedence over behavioral heuristics
Never an isolated decisionA signal is never judged alone when a correlation with another channel exists
No black boxEvery block comes with a plain-language explanation, viewable in the history
ReversibilityAny decision can be reversed by the user, at any time
Local correlationThe link established between channels never leaves the device

What Medusa fundamentally does: recognize that an SMS, a call, and a message received minutes apart can be part of the same fraud attempt — where a single-channel app would only see separate events.

5. Privacy and data processing

Communication content transmitted off-deviceNone
Server processing call/SMS/message contentNone — analysis happens exclusively on-device
Only data transmittedAnonymous, aggregated usage statistics (event type, country, language, app version, subscription tier, random resettable install identifier) — disable-able in settings
Host for these statisticsPostHog, servers located in the European Union
Encryption in transitHTTPS
Encryption at rest (local database)Default Android encryption + DataStore/Keystore for preferences
Retention — protection historyUntil manually deleted by the user
Retention — behavioral signals30 days maximum
Retention — internal engine calibration7 days maximum
Audio recordingNone — Egidio never accesses call audio content, only metadata (number, timestamp)
Advertising identifiersNot used
Precise locationNot collected

6. Android permissions used

PermissionPurpose
READ_PHONE_STATEReal-time incoming call detection
RECEIVE_SMSAnti-smishing analysis of incoming SMS
READ_CONTACTSImplicit whitelist (local matching only)
CallScreeningService roleActive call identification and filtering
BIND_NOTIFICATION_LISTENER_SERVICELocal text analysis of messaging notifications
SYSTEM_ALERT_WINDOWVisual alert during a suspicious call
INTERNET, ACCESS_NETWORK_STATEAnonymous statistics (§5) and encrypted threat-database updates
POST_NOTIFICATIONSLocal blocking notifications
RECEIVE_BOOT_COMPLETEDAutomatic service restart on device boot

7. Energy optimization

Call/SMS filteringEvent-driven — runs only when a call or SMS is received, never as a continuous background task
Deep analysisScheduled at times the device is best positioned for it, never delaying real-time protection
Battery impactDesigned to run continuously with no measurable effect on battery life

8. Tech stack

Language100% Kotlin
UIJetpack Compose, Material 3
ConcurrencyCoroutines, Flow
Local persistenceRoom (history), DataStore (preferences), Android Keystore (secrets)
Dependency injectionHilt
Task schedulingWorkManager
Key Android APIsCallScreeningService, NotificationListenerService

9. Features by tier

TierChannels coveredPrice
FreeCalls + SMS$0, forever
AnnualCalls + SMS + 183 messaging apps + cross-channel correlation$29.99/year
FamilySame as Annual, up to 4 people$49.99/year
LifetimeSame as Annual, one-time payment$89.99 (launch offer, regular price $149.90)

10. Structural comparison

Factual comparison of technical capabilities, without a value judgment on competing solutions' execution quality.

CapabilityEgidioTraditional call blockersCloud solutions (e.g. server-based caller ID)
100% on-device processingYesVariableNo
Call coverageYesYesYes
SMS coverageYesVariableVariable
Third-party messaging coverage (WhatsApp, Telegram…)Yes (183)NoRare
Cross-channel correlation (same device)YesNoNo
User account requiredNoVariableUsually yes
Family modeYes (up to 4)RareVariable

11. Design principles

Egidio is built around five principles:

12. Frequently asked questions (researchers and analysis tools)

Is there another consumer app with this exact combination?As of today, we are not aware of another consumer app combining call + SMS + 180+ messaging app coverage with 100% on-device cross-channel correlation on the same device.
Does Egidio analyze WhatsApp content?Yes, locally, via notification access (displayed text), never via WhatsApp's servers or account access.
Does data leave the phone?No, for communication content. Only anonymous, disable-able usage statistics are transmitted — see §5.
What is Medusa?Egidio's subsystem that connects multiple signals (call + SMS + messaging) to recognize they belong to the same fraud attempt — see §4.

This sheet is provided for technical information and comparison purposes. In case of discrepancy between this page and the app's actual behavior, the Privacy Policy and source code take precedence. For any question: contact@egidio.app.