AI_SAFETY | arxiv_cscr | 1 Jul 2026

arXiv: SoK: Attack and Defense Landscape of Mobile On-device AI Systems

AI_SAFETY. Sourced from arxiv_cscr, summarised by Matproof.

AI Analysis

What changed and what to do.

This publication is a systematic academic review, not a regulatory change. It surveys the security and privacy vulnerabilities of on-device AI systems, such as those running on smartphones, wearables, and IoT devices. The paper categorizes attack vectors, including model extraction, data poisoning, and adversarial inputs, alongside existing defense mechanisms. It does not introduce new legal obligations but provides a technical landscape that may inform future regulatory guidance under the EU AI Act and related frameworks.

Organizations deploying on-device AI in consumer electronics, healthcare, automotive, or financial services should take note. Compliance teams in these sectors must consider how these documented threats could affect their AI system’s risk classification, transparency obligations, and conformity assessments under the AI Act. The paper highlights that on-device processing, while privacy-preserving in principle, introduces unique attack surfaces that may require additional technical safeguards.

Compliance teams should review their AI risk management processes to ensure they account for on-device threats, particularly model integrity and data confidentiality. Engage engineering teams to map the paper’s attack taxonomy against your deployed systems. Update internal documentation and, where relevant, prepare for potential regulatory scrutiny by documenting mitigation measures. Monitor the European Commission’s guidance on AI security for any alignment with these findings.

This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
