Activity Report API

Using phonetic algorithms, pattern matching, and and machine learning, the Vetting API detects frequency and velocity abuse patterns. As a simple example, sign-ups using similar emails to create multiple accounts such as: jim1@xyz.com, jim15@xyz.com, jim37@xyz.com will be tagged.

If we detect an abuse pattern, an incident is created with all records and data associalted with the incident. If the pattern continues, new records are automatically added to the original incident.

These are typically fraudsters that you do not want in your systems. Making an activity/get call to the feed API will report back all incidents and entities associated with your account over the last 24 hours.

To run the Activity Report:

https://feed-api.e-hawk.net/apikey/activity/get 

The JSON response will list each incident ID and data points. In this example, incident 558 has two emails and one IP.

{
  "response": {
    "558": {
      "email": [
        "jim01@aol.com",
        "jim02@aol.com"
      ],
      "ip": [
        "8.8.8.9"
      ]
    }
  },
  "status": 200
}


After reviewing the report data, you can confirm or delete incidents with the following API calls.

To verify an incident, send:

 https://feed-api.e-hawk.net/apikey/activity/confirm?incident=<incident#> 


To delete/remove an incident, send:

 https://feed-api.e-hawk.net/apikey/activity/delete?incident=<incident#> 

The Activity Report in the Portal lists all incidents created by our activity monitor during the last thirty days. To the right of each incident are buttons: Correct to verify the incident as a Repeat Sign-up, False to mark as incorrect (remove from scoring), and Hold to not score until marked correct or false. This report should be checked often because many times the first items in the incident are marked as low risk (no bad pattern yet), and the later ones are marked as high risk. If the incident is Correct, then make sure to take action on all items in the incident.