# Billing, SCU, And Limits

Understand Security Compute Units, modality billing, included allowance, overage, tier caps, and file limits.

Source URL: https://trymighty.ai/docs/concepts/billing-scu

Mighty billing is based on SCU, short for Security Compute Units. SCU measures the amount of security compute used by a scan.

Text is the cheapest path. Image and document work use more compute. SCU starts at `$0.001`.

Mode controls scan depth and latency. Focus controls the image evidence family and image-unit billing. Focused image evidence starts at 4 SCU per image; all-evidence image review is 10 SCU per image unit.

For PDFs, page work and embedded image work are separate. They are added together. A PDF page with embedded images costs more than scanning plain extracted text, and embedded images use the active focus image-unit price.

## Mode And Focus Pricing

| Setting | Billing rule |
| --- | --- |
| SCU price | Starts at `$0.001` per SCU. |
| Text | Starts at 1 SCU per 1,000 tokens, rounded up. |
| `focus=steg`, `focus=ai`, `focus=edits` | Focused image evidence starts at 4 SCU per image. |
| `focus=all` | All-evidence image review is 10 SCU per image unit. |
| `focus=both` | Deprecated alias for `focus=all`; bills 10 SCU per image unit. |
| PDFs | Start at 2 SCU per page, plus unique embedded image units at the active focus price. |
| `mode=fast`, `mode=secure`, `mode=comprehensive` | Controls scan depth and latency only. There is no separate mode SCU multiplier. |

Counts stay physical. One image is one image unit. `focus=all` applies bundle pricing to that image unit; it does not turn the image count into a fractional value.

SCU means Security Compute Units. SCU starts at $0.001. Mode controls scan depth and latency; focus controls image evidence billing. Focused image evidence starts at 4 SCU per image, focus=all bills 10 SCU per image unit, and PDFs add page SCU plus unique embedded image units at the active focus price.

Illustration: SCU pricing uses work units, not marketing modes. Mode changes scan depth and latency. Focus changes the image evidence family and whether the 10 SCU all-evidence bundle applies.

## SCU By Modality

| Work processed | SCU |
| --- | --- |
| Text | 1 SCU per 1,000 tokens, rounded up. |
| Focused standalone image | 4 SCU per image for `focus=steg`, `focus=ai`, or `focus=edits`. |
| All-evidence standalone image | 10 SCU per image unit for `focus=all` and deprecated `focus=both`. |
| PDF or document page | 2 SCU per page wrapper and text extraction. |
| Embedded image inside a PDF | 4 or 10 SCU per unique embedded image, added on top of page SCU, using the active focus image-unit price. |
| Minimum processed request | 1 SCU when content is scanned. |

PDF embedded images are billed separately from page processing. They are deduplicated by hash before counting, so the same logo repeated on many pages should count once.

## PDF SCU Formula

For PDFs, calculate focused scans like this:

```text
Focused PDF SCU = pages * 2 + unique embedded images * 4
```

For all-evidence review:

```text
All-evidence PDF SCU = pages * 2 + unique embedded images * 10
```

Examples:

| PDF shape | Focus | SCU |
| --- | --- | --- |
| 1 page, no embedded images | any supported focus | 2 SCU |
| 1 page, 4 unique embedded images | focused | 18 SCU: 2 for the page plus 16 for images |
| 1 page, 4 unique embedded images | all evidence | 42 SCU: 2 for the page plus 40 for images |
| 1 page, the same image repeated 4 times | focused | 6 SCU: 2 for the page plus 4 for 1 unique image |
| 10 pages, same logo on every page | all evidence | 30 SCU: 20 for pages plus 10 for 1 unique image |
| 50 pages, 30 unique embedded images | focused | 220 SCU: 100 for pages plus 120 for images |

This matches the billing code: document pages and embedded image count are separate usage metrics, then the totals are added together.

Plain version: first count pages, then count unique embedded images, then add both numbers. A one-page focused PDF with four unique embedded images is 18 SCU, not 2 SCU and not 16 SCU. The same PDF with `focus=all` is 42 SCU.

## What The Response Can Include

```json
{
  "action": "WARN",
  "risk_score": 68,
  "scan_id": "4e7c5fc1-6947-492b-bd22-0589d6477c8b",
  "scan_group_id": "9b3e4f8d-96c9-4f42-8338-8cf9571c1c70",
  "scu_charged": 12
}
```

Logs and dashboard usage can also show allowance remaining and whether usage was included or overage.

## Allowance And Overage

The billing page shows:

- Included SCU for the current period.
- SCU used this period.
- Overage SCU when usage passes the included allowance.
- Organization spending limit.
- Estimated total.

If billing or tier policy blocks a scan, handle `402`. If payload size or file complexity blocks a scan, handle `413`. If rate limits block a scan, handle `429`.

## Limits

Limits apply to file size, PDF pages, embedded images, billing policy, tier caps, and rate limits.

Current PDF tier ceilings:

| Tier | PDF pages per request | Embedded images per PDF |
| --- | --- | --- |
| Free preview | 4 | 1 |
| Pro | 1,000 | 100 |

These are per-request ceilings for PDFs. They are separate from rate limits, billing allowance, and organization spending limits.

## What Developers Should Do

1. Show upload size and file type limits before upload.
2. Use async scans for high-value images and large PDFs.
3. Route `402` to billing, upgrade, or admin action.
4. Route `413` to reduce file size, split the PDF, or review manually.
5. Route `429` to retry with backoff.
6. Log `scu_charged`, `scan_id`, `request_id`, and `scan_group_id`.

## Common Mistakes

- Thinking text and image scans cost the same. Image and document scans use more compute.
- Missing that `focus=all` and deprecated `focus=both` bill 10 SCU per image unit.
- Treating `402` as a generic failure. It usually needs a billing or tier action.
- Treating `413` as only a file size issue. It can also represent a tier file cap.
- Retrying `429` immediately. Use backoff.
- Running comprehensive async review on every low-risk text message.

For plain-language definitions of `mode`, `focus`, AI edits, steganography, and prompt injection, see the [glossary](/docs/concepts/glossary).

## AI-Agent Prompt

### Add billing-aware Mighty handling

```text
Make this Mighty integration billing-aware and limit-aware.

Requirements:
- Log scu_charged when returned.
- Store scan_id, request_id, scan_group_id, session_id, action, and risk_score.
- Explain SCU in developer comments or admin UI as Security Compute Units.
- Handle 402 as billing, quota, tier cap, or spending limit action.
- Handle 413 as file size, PDF page cap, embedded image cap, or payload complexity.
- Handle 429 with retry backoff.
- Use async scans for high-value images and large PDFs.
- Do not run comprehensive mode on every low-risk text message.

Acceptance criteria:
- Tests cover successful scan with scu_charged.
- Tests cover 402, 413, and 429.
- Large file workflows can route to manual review or ask the user to split the file.
- Logs expose enough IDs for support and billing investigation.
```