Demo mode — fixture data only

Sign in for live data

Fixture/local protection command center

SubShield

Recurring-charge protection for subscriptions, renewals, and cancellation proof.

Stop losing money quietly!

Command centerGuided tour
Demo/local only
9Obligations
2Renewal risks
2Proof items

Derived recurring-obligation state only. No bank sync, automatic cancellation, money movement, or legal authority.

Fixture demo only. Connector strategy and email/CSV prototypes use embedded fixture data only. No Gmail OAuth, no mailbox access, no token storage, no bank connection, no persistence, and no money movement. Governance defines consent, scope, custody, and deletion rules for a future connector only.

BKI-SUB-027 · Session-only progress

SubShield guided tour

In-app guide for testers and operators. Explains each dashboard area, what is demo/local vs dev-preview vs decision-only vs blocked. Viewed steps are tracked in this browser session only — no accounts, analytics, or persistent onboarding.

Tutorial steps17
Demo features10
Dev preview1
Decision only5
Blocked / future1
Viewed this session0

Welcome to SubShield

Demo / local

SubShield helps you spot recurring charges, renewal risk, and post-cancel repeat billing using derived obligation state — not live banking or automatic cancellation.

Go to section

What you can do now

  • Use this guided tour to jump to each dashboard section.
  • Mark steps viewed in this browser session only.

Not available yet

  • No accounts, analytics, or persistent onboarding tracking.
  • No production onboarding or “you are fully protected” claims.

Safety boundary

  • Fixture/local demo posture — not a production financial product yet.
  • No money movement, legal advice, or refund/dispute automation.

BKI-SUB-022 · Reconciled dashboard IA polish

Protection command center

9 obligations reconciled · 11 renewal alerts · 2 proof items. Reference date 2026-05-30. This groups fixture/local derived outputs into the three queues a user would review first.

Renewal queue

Cursor Pro

URGENT

Cursor Pro renewal due in 2 day(s) (2026-06-01). Due 2026-06-01.

Next step: Confirm you still want the subscription or cancel before renewal.

Evidence: Demo card statement — May 2026; Fixture CSV statement prototype; Fixture email receipt connector prototype

Open renewal queue
Proof watch

Adobe Creative Cloud

WATCHING FOR REPEAT CHARGE

Derived proof metadata from gmail dev preview.

Next step: Watch card activity until watch-until date; flag unexpected charges in SubShield.

Evidence: Gmail dev/preview session scan — derived only

Open proof watch
Source confidence

Neighbor Cafe repeat

41% confidence

2 source lanes; match reasons: normalized_merchant_match, category_match, date_proximity.

Next step: Review the derived source labels and keep raw CSV/email/Gmail payloads out of retained state.

Evidence: Demo similar amounts; Fixture CSV statement prototype

Open source confidence

Manual import design spike

Connector-first is the long-term source path (email receipts first). CSV remains a fallback/manual audit lane (fixture prototype below). PDF and screenshots remain designed but blocked.

Designed input lanes3
MVP candidate1
OCR-required lanes1
Raw files stored by default0

CSV statement export

MVP candidate

User exports a statement as CSV for the audit.

Input: CSV export

Parser now: Fixture prototype only

OCR: No

PDF statement

Designed, not enabled

User provides a PDF only after retention copy exists.

Input: PDF statement

Parser now: No

OCR: No

Screenshot of statement lines

Designed, not enabled

User supplies a narrow screenshot of relevant statement rows.

Input: Screenshot

Parser now: No

OCR: Required later

Connector-first source strategy

SubShield becomes a recurring-obligation intelligence layer over user-controlled sources. Email receipts are the preferred first live connector lane; bank/card access is high-risk and blocked until explicit approval.

Source connectors6
Fixture-only lanes2
High-risk lanes1
Recommended firstemail_receipt

Email receipt / cancellation-proof connector

Fixture onlyLow risk

Detects: Subscription receipts; Renewal notices; Trial start/end emails

Blocked until: Live OAuth; Token custody decision

App-store / platform subscription metadata

Future candidateMedium risk

Detects: Platform subscription status; Renewal dates; Family sharing hints

Blocked until: Platform partnership or API scope; Consent copy

Manual cancellation proof entry

Future candidateLow risk

Detects: User-entered confirmation numbers; User-attached proof metadata

Blocked until: Proof upload UX; Retention copy

CSV / manual statement import

Fixture onlyLow risk

Detects: Exported statement rows; Manual audit uploads (future)

Blocked until: Production upload UX; Retention/redaction decision

Bank / card transaction connector

Blocked until approvedHigh risk

Detects: Card transactions; Merchant descriptors; Recurring charge patterns

Blocked until: Privacy/compliance review; Explicit product approval

PDF / screenshot artifacts

Designed, not enabledMedium risk

Detects: PDF statement tables; Screenshot statement lines

Blocked until: PDF parser; OCR scope

Email connector governance

SubShield can review subscription-related receipts, renewal notices, and cancellation confirmations to detect recurring obligations and proof signals. In this version, connector access is not live. Future connector access will require explicit consent and can be disconnected.

Decision options5
Fixture approved1
Dev/preview eligible2
Production custody blocked2
Broad mailbox blocked1
Recommended nextgmail

Current state — fixture-only email receipt prototype

Approved — fixture only

Access: no mailbox access

Custody: none fixture only

Current state — fixture prototype only

Recommended next — Gmail dev/preview session-only

Approved — dev/preview only

Access: receipt search only

Custody: session only no persistence

Recommended next implementation path

Future option — Outlook dev/preview session-only

Approved — dev/preview only

Access: user selected messages

Custody: session only no persistence

Blocked — production persistent token custody

Blocked — pending decision

Access: receipt search only

Custody: encrypted server custody

Blocked: production persistent tokens

Blocked — broad mailbox read (not allowed for MVP)

Blocked for MVP

Access: broad mailbox read

Custody: not allowed

Blocked: production persistent tokens

Blocked: broad mailbox read for MVP

Gmail dev/preview connector

Operator testing path only. Session-only access token in an encrypted HTTP-only cookie (~15 minutes). Receipt/search-limited scan. Parse then discard. Public production Gmail launch remains blocked.

Dev/preview onlyProduction blockedSession-onlyNo refresh token storedNo persistenceReceipt/search-limited scan

Production launch gate

Production approvedNo
Blocked gates3
Next decisioncontinue dev preview

No production connector enabled. See docs/PRODUCTION_CONNECTOR_LAUNCH_GATE.md.

Internal alpha gate (not production)

Internal alpha approvedyes
Required gates passed11/11
Blocked / not-run0
Recommended decisionapprove limited internal alpha

Operator evidence: PASS (docs/evidence/gmail-dev-preview-20260531-0100.md). Limited internal alpha = test users only, session-only Gmail, no public launch. See docs/GMAIL_INTERNAL_ALPHA_DECISION.md.

Connector status
Config valid
Session active
Session expiry
Max results
Scope
Last scan
Diagnostics
Derived contract
Start Gmail dev preview

BKI-SUB-048 · Read-only audit review

Connector audit events

Safe fields only — no tokens, raw email, or secrets. Live users see their own rows via RLS; this panel uses fixture demo data on /dev.

Total events4
Gmail activityYes
Deletion eventsNo
Latest event2 hours ago
WhenEventSafe detail
3 hours agoGmail connect startedprovider: google · mode: session_only
2 hours agoGmail connect completedsessionOnly: true
2 hours agoGmail scan completedobligationCount: 4 · proofCandidateCount: 1
2 hours agoBilling checkout startedpriceIdConfigured: true

Cross-source reconciliation preview

Fixture/local only. No persistence. No live Gmail required. Derived source labels only. Raw CSV/email payloads are not retained.

Input count32
Reconciled output9
Merged23
Proof-only0
Watchlisted2
MerchantAmountCadenceStatusConfidenceSourcesEvidenceRisk flags
Adobe Creative Cloud$71.99MonthlyCancelled and watchlisted98%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo charge after cancel letter · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyCancelled but charged again, Refund missing
Apple Services$14.49MonthlyConfirmed subscription98%demo_fixture, csv_import, gmail_dev_previewDemo card statement — May 2026 · Fixture CSV statement prototype · Gmail dev/preview session scan — derived onlyObscure merchant descriptor
Cursor Pro$32.00MonthlyConfirmed subscription98%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo card statement — May 2026 · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyPrice increase detected
Dropbox Plus$15.99MonthlyConfirmed subscription98%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo card statement — May 2026 · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyDuplicate category
GoodLife Fitness$64.99MonthlyCancelled and watchlisted98%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo card statement — April 2026 · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyInactive candidate, Cancelled but charged again
Google One Storage$2,026.00AnnualConfirmed subscription95%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo prior-year renewal · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyAnnual renewal soon
Kids Game Pass trial$2,026.00MonthlyProbable subscription90%demo_fixture, email_receipt, gmail_dev_previewDemo trial receipt · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived onlyTrial conversion risk, Family shared — unknown owner, Obscure merchant descriptor
Neighbor Cafe repeat$24.50UnknownPossible recurring charge41%demo_fixture, csv_importDemo similar amounts · Fixture CSV statement prototype
Netflix$2,026.00MonthlyConfirmed subscription98%demo_fixture, csv_import, email_receipt, gmail_dev_previewDemo card statement — May 2026 · Fixture CSV statement prototype · Fixture email receipt connector prototype · Gmail dev/preview session scan — derived only

BKI-SUB-029 · Fixture/local review workflow

Re-import diff preview

Review each change between fixture before/after snapshots. Mark rows reviewed in this session only — nothing is saved. Use filters to focus on urgent changes first; toggle unchanged rows when confirming stable merchants.

Before count6
After count7
Changes10
New2
Removed1
Amount changes1
Urgent2
Watch1
Unchanged (total)1
Reviewed (visible)0

10 visible changes still need review in this session.

1 unchanged merchant hidden — enable the toggle to include them.

ReviewedMerchantChangeSeverityBefore amountAfter amountBefore next chargeAfter next chargeMessageRecommended actionEvidence labels
Cursor ProAmount changedurgent$32.00$42.002026-06-012026-07-01Cursor Pro amount changed from 32 to 42.Investigate the price jump; compare to prior receipts or merchant notice.Demo card statement — May 2026 · Demo card statement — June 2026 re-import
Kids Game Pass trialNew obligationurgent$6.992026-07-01Kids Game Pass trial appears as a new derived recurring obligation.Review the new recurring charge; confirm whether it should stay on your card.Fixture email receipt connector prototype
Adobe Creative CloudCancellation state changedwatch$71.99$71.99Adobe Creative Cloud cancellation state changed from watching_for_repeat_charge to repeat_charge_detected.Repeat charge detected after cancellation — compare to proof metadata.Demo charge after cancel letter · Demo card statement — June 2026 re-import
Adobe Creative CloudRisk flags changedwarning$71.99$71.99Adobe Creative Cloud risk flags changed between re-import snapshots.Review new risk flags and watch for trial conversion or repeat charges.Demo charge after cancel letter · Demo card statement — June 2026 re-import
Cursor ProRisk flags changedwarning$32.00$42.002026-06-012026-07-01Cursor Pro risk flags changed between re-import snapshots.Review new risk flags and watch for trial conversion or repeat charges.Demo card statement — May 2026 · Demo card statement — June 2026 re-import
Google One StorageNext charge changedwarning$29.99$29.992026-06-122026-05-20Google One Storage next expected charge moved from 2026-06-12 to 2026-05-20.Renewal or charge date moved earlier — review before the new date.Demo prior-year renewal · Demo card statement — June 2026 re-import
Spotify PremiumNew obligationwarning$11.992026-07-01Spotify Premium appears as a new derived recurring obligation.Review the new recurring charge; confirm whether it should stay on your card.Demo card statement — June 2026 re-import
Cursor ProNext charge changedinfo$32.00$42.002026-06-012026-07-01Cursor Pro next expected charge moved from 2026-06-01 to 2026-07-01.Note the later charge date; adjust renewal reminders if needed.Demo card statement — May 2026 · Demo card statement — June 2026 re-import
Dropbox PlusRemoved obligationinfo$15.992026-06-10Dropbox Plus is no longer present in the re-imported derived set.Confirm the charge truly stopped; keep proof if you recently cancelled.Demo card statement — May 2026
NetflixNext charge changedinfo$18.99$18.992026-06-022026-07-02Netflix next expected charge moved from 2026-06-02 to 2026-07-02.Note the later charge date; adjust renewal reminders if needed.Demo card statement — May 2026 · Demo card statement — June 2026 re-import

Renewal Shield preview

Local preview only. No notifications yet. No background scan. No production connector required.

Total alerts11
Urgent2
Warnings7
Watchlist2
Next 7 days5
Next 30 days11
MerchantSeverityKindDueDays untilMessageRecommended action
Cursor Prourgentrenewal due soon2026-06-012Cursor Pro renewal due in 2 day(s) (2026-06-01).Confirm you still want the subscription or cancel before renewal.
Netflixurgentrenewal due soon2026-06-023Netflix renewal due in 3 day(s) (2026-06-02).Confirm you still want the subscription or cancel before renewal.
Apple Serviceswarningrenewal due soon2026-06-089Apple Services renewal due in 9 day(s) (2026-06-08).Confirm you still want the subscription or cancel before renewal.
Cursor Prowarningprice increase2026-06-012Price increase detected for Cursor Pro.Review the new amount before the next charge posts.
Dropbox Pluswarningrenewal due soon2026-06-1011Dropbox Plus renewal due in 11 day(s) (2026-06-10).Confirm you still want the subscription or cancel before renewal.
Google One Storagewarningannual renewal2026-06-1213Google One Storage renewal due in 13 day(s) (2026-06-12).Confirm you still want the subscription or cancel before renewal.
Kids Game Pass trialwarningtrial conversion2026-06-1516Trial conversion risk for Kids Game Pass trial — charge expected 2026-06-15.Cancel before the trial ends if you do not want to be charged.
Kids Game Pass trialwarningrenewal due soon2026-06-1516Kids Game Pass trial renewal due in 16 day(s) (2026-06-15).Confirm you still want the subscription or cancel before renewal.
Neighbor Cafe repeatwarningrenewal due soon2026-06-2223Neighbor Cafe repeat renewal due in 23 day(s) (2026-06-22).Confirm you still want the subscription or cancel before renewal.
Adobe Creative Cloudwatchcancelled watch repeat charge2026-04-01-59Adobe Creative Cloud was cancelled — watch for repeat charges on your card.Compare upcoming card activity to cancellation proof; dispute unexpected charges with your bank.
GoodLife Fitnesswatchcancelled watch repeat charge2026-06-056GoodLife Fitness was cancelled — watch for repeat charges on your card.Compare upcoming card activity to cancellation proof; dispute unexpected charges with your bank.

BKI-SUB-023 · Local notification design (preview only)

Renewal notification design

Local design preview only. These rows show copy, timing, and user action intent for future reminders. No push, email, SMS, background scheduler, persistence, or delivery channel is enabled.

Design items11
Local previews11
Future channels0
Delivery enabled0
Schedulers enabled0
Raw payloads retained0
MerchantUrgencyTitlePreview copyTarget dateChannelDelivery
Cursor ProNeeds review nowRenewal review: Cursor ProCursor Pro renewal due in 2 day(s) (2026-06-01). Target date: 2026-06-01. This is a local preview only; no notification was sent.2026-06-01in app local onlyDisabled preview
NetflixNeeds review nowRenewal review: NetflixNetflix renewal due in 3 day(s) (2026-06-02). Target date: 2026-06-02. This is a local preview only; no notification was sent.2026-06-02in app local onlyDisabled preview
Apple ServicesReview soonRenewal review: Apple ServicesApple Services renewal due in 9 day(s) (2026-06-08). Target date: 2026-06-08. This is a local preview only; no notification was sent.2026-06-08in app local onlyDisabled preview
Cursor ProReview soonPrice change review: Cursor ProPrice increase detected for Cursor Pro. Target date: 2026-06-01. This is a local preview only; no notification was sent.2026-06-01in app local onlyDisabled preview
Dropbox PlusReview soonRenewal review: Dropbox PlusDropbox Plus renewal due in 11 day(s) (2026-06-10). Target date: 2026-06-10. This is a local preview only; no notification was sent.2026-06-10in app local onlyDisabled preview
Google One StorageReview soonAnnual renewal review: Google One StorageGoogle One Storage renewal due in 13 day(s) (2026-06-12). Target date: 2026-06-12. This is a local preview only; no notification was sent.2026-06-12in app local onlyDisabled preview
Kids Game Pass trialReview soonTrial review: Kids Game Pass trialTrial conversion risk for Kids Game Pass trial — charge expected 2026-06-15. Target date: 2026-06-15. This is a local preview only; no notification was sent.2026-06-15in app local onlyDisabled preview
Kids Game Pass trialReview soonRenewal review: Kids Game Pass trialKids Game Pass trial renewal due in 16 day(s) (2026-06-15). Target date: 2026-06-15. This is a local preview only; no notification was sent.2026-06-15in app local onlyDisabled preview
Neighbor Cafe repeatReview soonRenewal review: Neighbor Cafe repeatNeighbor Cafe repeat renewal due in 23 day(s) (2026-06-22). Target date: 2026-06-22. This is a local preview only; no notification was sent.2026-06-22in app local onlyDisabled preview
Adobe Creative CloudWatch cancelled merchantCancellation watch: Adobe Creative CloudAdobe Creative Cloud was cancelled — watch for repeat charges on your card. Target date: 2026-04-01. This is a local preview only; no notification was sent.2026-04-01in app local onlyDisabled preview
GoodLife FitnessWatch cancelled merchantCancellation watch: GoodLife FitnessGoodLife Fitness was cancelled — watch for repeat charges on your card. Target date: 2026-06-05. This is a local preview only; no notification was sent.2026-06-05in app local onlyDisabled preview

Cancellation proof workspace

Derived proof metadata only. No uploads yet. No raw artifact retention. No legal/refund/dispute automation. Watch after cancellation.

Total proof items2
Confirmation-ready0
Watchlisted2
Repeat charge detected0
Needs review0
MerchantStatusConfirmation #Effective dateWatch untilSourceRecommended action
Adobe Creative Cloudwatching for repeat chargegmail dev previewWatch card activity until watch-until date; flag unexpected charges in SubShield.
GoodLife Fitnesswatching for repeat chargegmail dev previewWatch card activity until watch-until date; flag unexpected charges in SubShield.

BKI-SUB-026 · Demo/local only

Manual cancellation confirmation

Typed confirmation metadata only. No file upload, screenshot/PDF storage, or legal/refund/dispute automation. Preview builds a derived proof workspace item in local React state only.

BKI-SUB-024 · Upload/redaction decision (design only)

Cancellation proof upload decision

Cancellation proof helps users show they cancelled a subscription and watch for repeat charges. SubShield stores derived proof metadata only today. Any future upload lane must define redaction, retention, and deletion before implementation.

Decision options6
Current state1
Design approved1
Blocked pending policy2
Blocked for MVP2
Recommended nextmanual confirmation fields

Current state — derived metadata only

Approved — current state

Proof comes from fixture email/Gmail-derived signals and workspace metadata. No file upload.

Retention: derived metadata only

Redaction: not applicable

Current state — derived metadata only

Recommended next — manual confirmation fields only

Approved for design only

User types confirmation number and effective date after cancelling. No file bytes stored.

Retention: derived metadata only

Redaction: not applicable

Recommended next design path

Future option — screenshot parse-then-discard

Blocked pending redaction policy

User uploads a narrow cancellation screenshot; OCR extracts confirmation metadata; image discarded.

Retention: parse then discard

Redaction: auto crop confirmation region

Future option — PDF confirmation parse-then-discard

Blocked pending redaction policy

User uploads provider cancellation PDF; parser extracts confirmation fields; file discarded.

Retention: parse then discard

Redaction: manual redaction required

Blocked — screenshot user-controlled retention

Blocked for MVP

User keeps encrypted screenshot artifact for disputes. High PII risk.

Retention: user controlled encrypted vault

Redaction: manual redaction required

Blocked: Encryption/KMS design; Legal/privacy review

Blocked — full artifact vault (not SubShield)

Blocked for MVP

General proof document vault with search and sync. Out of product scope.

Retention: not allowed

Redaction: no redaction assumption blocked

Blocked: Explicit product scope expansion; Not planned for SubShield MVP

Fixture email receipt connector prototype

Fixture data only. No Gmail OAuth, no mailbox access, no token storage, no persistence, and no real email ingestion. Only derived recurring obligations and cancellation-proof candidates are shown.

CSV prototype boundary

Fixture CSV only. Raw CSV is parsed in prototype code and discarded — not retained, not uploaded, and not persisted. This does not parse live user data.

Product boundary

We do

  • Detect recurring charges from imported statements or receipts
  • Estimate monthly and annual subscription cost
  • Flag renewal and price-change risk
  • Guide cancellation and preserve proof
  • Watch for charges after cancellation

We do not

  • Connect to banks in this version
  • Move money
  • Cancel subscriptions automatically
  • Store full bank histories
  • Provide legal, tax, or investment advice
  • Become a budgeting app or password vault

Demo wiring complete · Next BKI gates

What is wired vs what needs approval

The demo now runs end-to-end across reconciliation, renewal alerts, proof workspace, re-import diff review, manual confirmation preview, and optional Gmail dev/preview — all fixture/local or session-only.

First wedge MVP

Subscription Leak Audit

Privacy stance