Find SSNs, card numbers, and other PII before you share.
Drop an image of your document. We'll flag the patterns you probably don't want strangers to read — Social Security numbers, credit cards, phones, emails — all in your browser.
Upload an image to scan
PNG, JPG, WebP · up to 50MB · stays on your device
Got a PDF? Open it in the main redactor →
What the scanner looks for
Seven categories of personally identifying information that show up most often in the documents people redact — bank statements, pay stubs, contracts, IDs, medical forms, tax returns. The scanner is strict on purpose: it only flags values that pass structural checks (Luhn for card numbers, SSA area-number validity for SSNs, IRS prefix validity for EINs) so false positives stay low.
Social Security Numbers
9-digit XXX-XX-XXXX shapes, rejecting ranges the SSA never issued (000, 666, 900+) and all-zero segments. ITINs (9XX-XX-XXXX) are also flagged separately.
Credit / debit card numbers
13 to 19 digits with Luhn checksum validation. A random 16-digit number is almost never Luhn-valid by accident — so a hit here is almost always a real card number.
Employer Identification Numbers
XX-XXXXXXX shapes with a valid IRS campus prefix. Common on tax documents, W-9s, and business filings that people forward without redacting.
Phone numbers
North American Numbering Plan — 10 digits with area code, with or without parens, hyphens, or country code. Deduplicated when they overlap a card-number match.
Email addresses
Standard name@domain.tld shapes. Rarely a false positive because the @-dot-tld pattern almost never occurs in document text unless it really is an email.
US passport numbers
Only flagged when the word 'passport' appears elsewhere in the document — an alphanumeric 9-character sequence is too generic to flag without context.
What this scanner does NOT catch
Honest disclosure — the scanner is a first pass, not a replacement for reviewing your own document:
- Names, addresses, and dates of birth. These need context to identify (is “John Smith” a PII leak or a public name?). The main redactor highlights candidate name/address regions from OCR structure; the scanner intentionally sticks to strictly structured numeric PII so it doesn't flood you with guesses.
- Account numbers, routing numbers, policy numbers. Too many shapes per institution; flagging 9-digit numbers as “routing numbers” would produce constant false positives.
- Handwritten text. OCR reads printed characters only. Signatures and margin notes usually come back as garbled nonsense.
- Images embedded in PDFs. PDF scanning is not supported in this MVP — use the main redactor for PDFs; it renders each page to canvas and runs OCR per page.
- International formats. Phone numbers outside the North American Numbering Plan, non-US tax IDs, and foreign passports aren't matched. The failure mode is silent — they just won't appear in the results.
Found sensitive data? Redact it properly.
RedactID paints opaque pixels over the regions you mark — no text layer, annotation, or metadata survives. Scan here first, redact over there. One free redaction per day, no account required.
Why scan before you redact?
Most people who redact a document know what they're aiming at — the SSN, the account number, the address. What they miss is the second and third occurrence on page 4, the card number buried in a receipt they stapled in, the email on the signature block they forgot about. The scanner is for catching those, not the thing you already remembered.
The masked previews (“***-**-1234”, “**** **** **** 1111”) show enough for you to locate each hit in your original document without us ever rendering the full secret on this page. That's a conscious design choice: if your scanner has to show you the SSN to be useful, the scanner itself becomes a leak risk.
Once you've confirmed the hits are real, click “Redact this file” and we hand the same file off to the main redactor — no re-drop, no re-upload. The main tool runs its own OCR pass and highlights the same patterns so you can paint over them and export a clean image.