Find out what an app does and report from the proof.
For journalists, students, researchers, and activists, Veracta turns hidden software behavior into findings that can be checked, explained, and reported responsibly.
Talk to usFrom "it might" to "here is what happened."
App-store labels and privacy policies are written by the people shipping the software. Veracta observes what happens when the software runs, including behavior hidden behind encryption, region, WebViews, or runtime flags.
What data moved
Unique canary values help show whether location, identifiers, email, phone, clipboard, or other fields left the environment.
Where it went
Findings identify the destination host or service for the observed network traffic.
Where it happened
Because behavior can vary by country, findings stay tied to the region and context that produced them.
The proof ladder.
This ladder helps readers understand the strength of each finding.
Capability only
The app could access something sensitive. Veracta observed the canary staying inside the test environment.
Suspected exfiltration
There is a strong signal near a bridge, script, native call, or outbound request. The finding needs more evidence before confirmation.
Confirmed exfiltration
The exact unique value appears in an outbound request to a destination outside the environment.
Careful evidence makes stronger stories.
Veracta keeps plain-language findings attached to the underlying proof. Capability findings, suspected findings, and confirmed findings each keep their own label.
Dormant face-recognition capability, mapped layer by layer.
The investigation distinguished what reached the vendor from what stayed on device, using decrypted traffic and a strict no-real-user, no-transmit safety discipline.
The same app can tell different truths in different places.
An app can behave one way in Germany and another in Brazil. Veracta records and verifies the test region before analysis, so public-interest claims stay tied to where the behavior was actually observed.