On-device detection is security analysis that runs locally on a phone or other endpoint instead of sending every decision to a remote server. The device may use rules, machine learning models, contact data, or app context to judge whether a call, message, file, or action looks risky.
This matters because keeping analysis on the device can reduce latency, protect privacy, and continue working when connectivity is limited. In mobile security, it is often used to flag scam calls, phishing links, suspicious app behavior, or identity-impersonation attempts before a user trusts them. Defenders like it because it can react quickly and use local signals that are hard to centralize. Attackers may try to evade it by changing wording, rotating infrastructure, or moving to channels with weaker local protections. On-device detection is powerful, but it is usually one layer in a broader defense strategy, not a guarantee that an alert is correct.