Smart rules
Repeat devices
The rule triggers when a device is seen more than the threshold number of times in the current or previous quarter (combined). This is a strong indicator that the same device is triggering events repeatedly. For some actions such as sign-up, this can be a problem.
You can choose the number of events that the smart rule will trigger on in the console.
The ID for this smart rule is repeat_device. You'll see this ID in the rules object in the API result.
Emails per device
The emails per device smart rule will take action where the number of unique devices associated with an email address is greater than the threshold set in the rule.
This loosely indicates the number of separate devices that a login email address is using. Depending on your app's terms of service or licensing rules, you may want to prevent or control this.
The ID for this smart rule is emails_per_device. You'll see this ID in the rules object in the API result.
Location
This smart rule will take action when the event originates from a country other than the site's default country. This rule acts on the IP address country, even where Hitprobe knows the true location of the user.
The ID for this smart rule is location. You'll see this ID in the rules object in the API result.
Bots
The bots smart rule lets you take action where the browser is known to be a bot. The term bot refers to any means of connecting to your site other than through a regular web browser. For example, a headless browser instance or a script.
Note that known 'good bots' such as search engine crawlers, will not trigger the rule.
The ID for this smart rule is bot. You'll see this ID in the rules object in the API result.
Anonymous browsing
Use this rule to take action when the user is found to be browsing anonymously. This includes browsing through a known VPN connection, or where the use of a VPN is inferred using learning data about the shape of traffic or inconsistencies in the person's browsing profile.
Select the Also include relays (e.g. iCloud Private Relay) option to also take action where the person is using iCloud Private Relay or similar services.
The ID for this smart rule is anonymous. You'll see this ID in the rules object in the API result.
Risky emails
Use the risky emails rule to take action when the email appears to be undeliverable, disposable, or throwaway.
This rule also blocks email addresses with especially high-risk TLDs, such as those preferred by disposable email services.
The ID for this smart rule is email. You'll see this ID in the rules object in the API result.
Risky phone numbers
The risky phone numbers rule allows you to take action on phone numbers that are unreachable or from a risky carrier.
Also choose the Also include VoIP and other higher risk line types option if you'd like to also exclude any phone number type other than mobile, fixed, or fixed_or_mobile.
It's useful to apply this rule where you ask people to provide their main personal mobile or landline phone number, as these shouldn't normally trigger this rule.
Successful phone number checks will incur extra usage.
The ID for this smart rule is phone_number. You'll see this ID in the rules object in the API result.
Suspect probe
Since the device data is created on the client-side from data provided by the browser, it's not possible to 100% guarantee the integrity of the information provided in it.
However, it is possible to do some cross-checks to ensure that the probability of the probe being legitimate is high. You can find more information about this in the device object reference.
The suspect probe smart rule allows you to take action when the integrity of the device data is reduced. Since this doesn't necessarily mean there is a problem, it's recommended to set the action to Review rather than Block.
The ID for this smart rule is suspect_probe. You'll see this ID in the rules object in the API result.