Is CamScanner Safe? What You Should Know About Privacy.

CamScanner is one of the most widely used document scanner apps in the world. It also has a complicated history with malware, data jurisdiction questions, and advertising SDKs. Here is what the public record actually shows, what has changed, and what to consider before you install it.

CamScanner is probably safe from malware today, but its privacy trade-offs are significant: it uploads documents to servers under Chinese data jurisdiction, embeds advertising SDKs that collect device data, and requires an account that links your scanning activity to a persistent profile. The 2019 Trojan-Dropper incident discovered by Kaspersky Lab was addressed, but the structural privacy concerns remain. This post lays out the publicly reported facts, explains the trade-offs, and lets you draw your own conclusion.

Before we get into it: we build ScanLens, a competing scanner app, so we have an obvious interest here. We have tried to keep this post factual and fair. Everything cited below is drawn from publicly reported sources — Kaspersky Lab research, news outlets like Forbes and The Verge, and CamScanner's own published privacy policy. We are not making claims beyond what is in the public record.

What is CamScanner?

CamScanner is a document scanning app developed by INTSIG Information Co., Ltd., a company based in Shanghai, China. The app has been available on both Android and iOS for over a decade and is one of the most downloaded scanner apps globally. It offers document scanning, OCR (optical character recognition), cloud storage, PDF conversion, and document sharing.

The app operates on a freemium model with in-app advertisements in the free tier and a premium subscription that removes ads and unlocks additional features. CamScanner requires users to create an account to use the full set of features, and scanned documents can be synced to CamScanner's cloud servers.

For years, CamScanner was a straightforward recommendation for anyone who needed to scan documents on their phone. That changed in August 2019.

The 2019 malware incident

In August 2019, researchers at Kaspersky Lab — one of the most widely recognized cybersecurity firms in the world — discovered malicious code inside CamScanner's Android app. Specifically, they identified a Trojan-Dropper component (Trojan-Dropper.AndroidOS.Necro.n) embedded within a third-party advertising library that CamScanner included in the app.

The Trojan-Dropper was capable of downloading and executing additional malicious code on the user's device. According to Kaspersky's analysis, the malicious module could display intrusive ads, sign users up for paid subscriptions without their knowledge, and execute arbitrary code delivered from remote servers.

The finding was significant enough that Google removed CamScanner from the Play Store. The story was covered by Forbes, The Verge, ZDNet, and numerous other technology publications. For many users, this was the first time a mainstream, highly rated productivity app had been found carrying what amounted to malware — not from a hack, but from a third-party SDK the developers had chosen to include.

What happened next

To be fair to INTSIG, the company responded. CamScanner removed the offending advertising SDK, issued an updated version of the app, and was eventually reinstated on the Google Play Store. INTSIG attributed the issue to the third-party advertising library rather than to their own code, which is plausible — this kind of supply-chain compromise through ad SDKs is a known risk in the mobile ecosystem, and other apps have been affected by similar issues.

The app has been available on both major app stores since the incident was resolved. There have been no publicly reported repeats of the specific malware issue. That is worth acknowledging.

The 2019 incident did not mean CamScanner's developers were intentionally distributing malware. It did mean that the advertising SDK they chose to monetize the app brought malicious code onto users' devices. The question is what that reveals about the trade-offs in the app's business model.

Data jurisdiction: what Chinese ownership means

Separate from the 2019 malware incident, CamScanner raises a different kind of privacy question that has nothing to do with bugs or bad code. INTSIG is headquartered in Shanghai, and like all companies operating in China, it is subject to Chinese data laws.

China's data governance framework — including the Cybersecurity Law (2017), the Data Security Law (2021), and the Personal Information Protection Law (2021) — gives the Chinese government broad authority to access data held by companies within its jurisdiction. This is not speculation or editorial commentary; it is the text of the laws themselves.

When you scan a document with CamScanner and that document is uploaded to CamScanner's cloud servers, the data resides in infrastructure operated by a company under Chinese jurisdiction. Whether the Chinese government has ever exercised its authority to access CamScanner user data is not publicly known. But the legal framework that would allow it to do so exists.

For some users — particularly those scanning personal financial documents, legal records, medical information, or business contracts — this jurisdictional question matters more than any past malware incident. The malware was a fixable bug. The jurisdiction is structural.

This is not unique to CamScanner. Any app operated by a company under any government's jurisdiction is subject to that government's data access laws. The question is whether you are comfortable with the specific jurisdiction in question, given the specific sensitivity of what you are scanning.

CamScanner's privacy policy: what it says

CamScanner's privacy policy, as publicly available on their website, states that the app collects various categories of data. These include:

  • Usage data — information about how you use the app, what features you access, and how often
  • Device information — device model, operating system version, unique device identifiers
  • Account information — email address and profile data associated with your CamScanner account
  • Document data — scanned documents synced to CamScanner's cloud service

The policy also states that CamScanner may share data with third parties, including advertising partners and analytics providers. This is standard for ad-supported free apps, but it is worth understanding that "free" document scanning is being paid for with data — your usage patterns, your device fingerprint, and potentially metadata about the documents you scan.

CamScanner also requires an account for full functionality. This means the app maintains a persistent identity tied to your email, linking your scanning activity to a specific profile over time.

The broader pattern: ad-supported scanning

The 2019 malware incident was dramatic, but the everyday privacy reality of CamScanner is more mundane and arguably more relevant. CamScanner's free tier is ad-supported, which means the app includes advertising SDKs — code from third-party ad networks that runs inside the app.

Advertising SDKs typically collect device identifiers, location data, usage patterns, and other signals to serve targeted ads and measure their effectiveness. This data flows from your device to the ad network's servers, which are operated by companies you did not choose and whose privacy practices you have no direct relationship with.

The irony of the 2019 incident is that the malware was in an advertising SDK — the exact kind of third-party code that ad-supported apps routinely include. The specific SDK was malicious, but the general practice of embedding third-party advertising code in a document scanner raises its own questions. You are giving a document scanner access to your camera and your files. That same app is also running code from an ad network. The attack surface is inherently larger than it needs to be.

This is not a CamScanner-specific problem. It is the business model problem of any "free" scanner app that monetizes through advertising. The scanner itself might be safe. The ad SDK riding along might not be. And you cannot meaningfully audit what the ad SDK is doing. Apps like ScanLens that process everything on-device and include no advertising SDKs avoid this category of risk entirely.

What to consider when evaluating any scanner app

Rather than framing this as "CamScanner is bad," it is more useful to think about the specific factors that matter for scanner app privacy. These apply to any app, not just CamScanner:

  • Where is data processed? Does scanning and OCR happen on your device, or are your documents uploaded to the company's servers? On-device processing means your documents never leave your phone. Server-side processing means a copy exists on someone else's infrastructure.
  • What jurisdiction is the company in? This determines what legal frameworks govern access to your data. US, EU, China, and other jurisdictions have meaningfully different data access laws.
  • Does the app include advertising SDKs? Ad-supported apps embed third-party code that collects data for targeting. This expands the number of parties with access to information about your device and behavior.
  • Is an account required? Account requirements create a persistent identity that ties your scanning activity to a specific profile. No-account apps cannot build a usage history tied to you.
  • What does the privacy policy actually say about data sharing? Read the sections on third-party sharing. If the policy says data may be shared with advertising partners, analytics providers, and business affiliates, that is a lot of parties.
  • Has the app had security incidents? Past incidents do not necessarily predict future ones, but they do tell you something about the company's supply chain choices and security review processes.
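One way to check the advertising-SDK question for an Android app, as an added example (not code from CamScanner, ScanLens or any source cited here): it reads the string table of each `classes*.dex` in an APK and reports references to known ad SDK packages. The prefix list and the `sample_apk` helper, which builds constructed test input, are assumptions made for illustration.

```python
import io
import struct
import zipfile

# Assumption: a short, non-exhaustive list of package prefixes used by common ad SDKs.
AD_SDK_PREFIXES = {
    "com/google/android/gms/ads/": "Google Mobile Ads",
    "com/facebook/ads/": "Meta Audience Network",
    "com/unity3d/ads/": "Unity Ads",
    "com/applovin/": "AppLovin",
    "com/ironsource/": "ironSource",
}

def dex_strings(dex):
    """Yield each entry in a DEX file's string table (type descriptors live here)."""
    if dex[:4] != b"dex\n":
        return
    count, table_off = struct.unpack_from("<II", dex, 0x38)  # string_ids_size, string_ids_off
    for i in range(count):
        (off,) = struct.unpack_from("<I", dex, table_off + 4 * i)
        while dex[off] & 0x80:  # skip the ULEB128 length prefix
            off += 1
        off += 1
        yield dex[off:dex.index(b"\0", off)].decode("utf-8", "replace")

def find_ad_sdks(apk_bytes):
    """Map SDK name -> DEX files in the APK that reference its classes."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if not (name.startswith("classes") and name.endswith(".dex")):
                continue
            for s in dex_strings(apk.read(name)):
                for prefix, sdk in AD_SDK_PREFIXES.items():
                    if s.startswith("L" + prefix):
                        found.setdefault(sdk, set()).add(name)
    return {sdk: sorted(files) for sdk, files in found.items()}

def sample_apk(descriptors):
    """Constructed input: a zip holding a header-plus-string-table stub, not a loadable DEX."""
    ids, data = b"", b""
    for d in descriptors:
        ids += struct.pack("<I", 0x70 + 4 * len(descriptors) + len(data))
        data += bytes([len(d)]) + d.encode() + b"\0"
    header = b"dex\n035\0".ljust(0x38, b"\0") + struct.pack("<II", len(descriptors), 0x70)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", header.ljust(0x70, b"\0") + ids + data)
    return buf.getvalue()
```

An empty result is not proof of absence: packages can be renamed, and a dropper like the one in the 2019 incident fetches its payload at run time, which a static scan of the APK never sees.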

How ScanLens approaches this differently

We build ScanLens, so here is where we disclose our bias — and explain the architectural decisions we made and why. You can verify each of these claims against our published privacy policy and the app itself.

  • On-device processing. Scanning and OCR in ScanLens happen entirely on your iPhone. Your documents are not uploaded to our servers for processing. We do not see your scans, and we could not access them even if we wanted to. Our document security page covers the technical details.
  • No account required. You can use ScanLens without creating an account or providing an email address. There is no persistent identity linking your scanning activity to a profile.
  • No advertising SDKs. ScanLens does not include any ad network code. There are no third-party advertising libraries running in the app, which means no ad-related data collection and no supply-chain risk from ad SDKs.
  • No analytics SDKs. We do not embed third-party analytics frameworks. We do not track which features you use, how often you open the app, or what you scan.
  • Revenue model: paid app. ScanLens is free to start with a premium upgrade. We make money from the product, not from advertising or data. This means we have no financial incentive to collect or share your information.

These are not just marketing claims — they are architectural decisions that are verifiable. An app without ad SDKs cannot collect ad-targeting data because the code to do so does not exist in the binary. An app that processes documents on-device cannot leak your documents to a server because the upload code is not there. Our scanner app comparison page provides a side-by-side view of how these factors differ across popular scanning apps.

The key distinction

The difference is not that ScanLens is "better" and CamScanner is "worse." The difference is in the business model. Ad-supported apps need data to make money. Paid apps need a product good enough that people will pay for it. These incentives lead to fundamentally different privacy architectures.

So is CamScanner safe?

The honest answer is: it depends on your definition of "safe" and what you are scanning.

If "safe" means "it will not give my phone a virus right now," then probably yes, it is safe. The 2019 malware issue was addressed years ago, the app has been back on app stores since, and there are no publicly reported repeat incidents.

If "safe" means "my scanned documents are private and no third parties have access to data about my scanning activity" — the answer is more complicated. CamScanner's business model involves advertising SDKs, account requirements, cloud uploads, and a privacy policy that permits third-party data sharing. The company operates under Chinese data jurisdiction. None of these things are hidden — they are in the privacy policy and inherent to the app's architecture. But they are trade-offs that are worth understanding before you scan your tax returns, medical records, or business contracts.

If you are scanning a restaurant menu or a whiteboard from a meeting, the privacy calculus is different than if you are scanning your passport, your lease agreement, or your medical test results. The sensitivity of what you scan should inform how much you care about where that data goes.

Making your own decision

We are not going to tell you not to use CamScanner. Millions of people use it and are satisfied with it. The app works, the scanning quality is reasonable, and for many use cases the privacy trade-offs are acceptable.

What we will say is: read the privacy policy of whatever scanner app you choose. Understand whether your documents are processed on-device or uploaded to servers. Know what jurisdiction the company operates under. Check whether the app includes advertising SDKs. And consider whether the sensitivity of the documents you scan warrants a privacy-first alternative.

If after considering all of that you decide you want a scanner that processes everything on your device, requires no account, includes no ads or analytics, and is built by a team that makes money from the product rather than from your data — that is what ScanLens is designed to be.
