[{"data":1,"prerenderedAt":499},["ShallowReactive",2],{"docsv3-nav":3,"\u002Fdocs\u002Fv3\u002Fconcepts\u002Factions":198},[4],{"title":5,"path":6,"stem":7,"children":8,"page":188},"V3","\u002Fdocs\u002Fv3","1.docs\u002Fv3",[9,13,17,21,38,87,189],{"title":10,"path":11,"stem":12},"Introduction","\u002Fdocs\u002Fv3\u002Fintroduction","1.docs\u002Fv3\u002F1.Introduction",{"title":14,"path":15,"stem":16},"Quick start","\u002Fdocs\u002Fv3\u002Fquick-start","1.docs\u002Fv3\u002F2.Quick start",{"title":18,"path":19,"stem":20},"Challenge flow","\u002Fdocs\u002Fv3\u002Fchallenge-flow","1.docs\u002Fv3\u002F3.Challenge flow",{"title":22,"path":23,"stem":24,"children":25},"Fundamentals","\u002Fdocs\u002Fv3\u002Ffundamentals","1.docs\u002Fv3\u002F4.fundamentals",[26,30,34],{"title":27,"path":28,"stem":29},"Signup protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Fsignup-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F00.Signup protection",{"title":31,"path":32,"stem":33},"Login protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Flogin-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F01.Login protection",{"title":35,"path":36,"stem":37},"Access protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Faccess-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F02.Access protection",{"title":39,"path":40,"stem":41,"children":42},"Guides","\u002Fdocs\u002Fv3\u002Fguides","1.docs\u002Fv3\u002F5.guides",[43,47,51,55,59,63,67,71,75,79,83],{"title":44,"path":45,"stem":46},"Account sharing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-sharing-prevention","1.docs\u002Fv3\u002F5.guides\u002F1.Account sharing prevention",{"title":48,"path":49,"stem":50},"Web scraping prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fweb-scraping-prevention","1.docs\u002Fv3\u002F5.guides\u002F13.Web scraping prevention",{"title":52,"path":53,"stem":54},"Ban enforcement","\u002Fdocs\u002Fv3\u002Fguides\u002Fban-enforcement","1.docs\u002Fv3\u002F5.guides\u002F14.Ban enforcement",{"title":56,"path":57,"stem":58},"Chargeback dispute","\u002Fdocs\u002Fv3\u002Fguides\u002Fchargeback-dispute","1.docs\u002Fv3\u002F5.guides\u002F15.Chargeback dispute",{"title":60,"path":61,"stem":62},"Multi-accounting prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fmulti-accounting-prevention","1.docs\u002Fv3\u002F5.guides\u002F16.Multi-accounting prevention",{"title":64,"path":65,"stem":66},"Account takeover prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-takeover-prevention","1.docs\u002Fv3\u002F5.guides\u002F2.Account takeover prevention",{"title":68,"path":69,"stem":70},"Risky transaction prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Frisky-transaction-prevention","1.docs\u002Fv3\u002F5.guides\u002F20.Risky transaction prevention",{"title":72,"path":73,"stem":74},"Fake account detection","\u002Fdocs\u002Fv3\u002Fguides\u002Ffake-account-detection","1.docs\u002Fv3\u002F5.guides\u002F3.Fake account detection",{"title":76,"path":77,"stem":78},"Bot detection","\u002Fdocs\u002Fv3\u002Fguides\u002Fbot-detection","1.docs\u002Fv3\u002F5.guides\u002F4.Bot detection",{"title":80,"path":81,"stem":82},"Card testing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fcard-testing-prevention","1.docs\u002Fv3\u002F5.guides\u002F5.Card testing prevention",{"title":84,"path":85,"stem":86},"Incentive abuse prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fincentive-abuse-prevention","1.docs\u002Fv3\u002F5.guides\u002F9.Incentive abuse prevention",{"title":88,"path":89,"stem":90,"children":91,"page":188},"Concepts","\u002Fdocs\u002Fv3\u002Fconcepts","1.docs\u002Fv3\u002F6.concepts",[92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184],{"title":93,"path":94,"stem":95},"Evaluations","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fevaluations","1.docs\u002Fv3\u002F6.concepts\u002F01.evaluations",{"title":97,"path":98,"stem":99},"Actions","\u002Fdocs\u002Fv3\u002Fconcepts\u002Factions","1.docs\u002Fv3\u002F6.concepts\u002F02.actions",{"title":101,"path":102,"stem":103},"Signals","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fsignals","1.docs\u002Fv3\u002F6.concepts\u002F03.signals",{"title":105,"path":106,"stem":107},"Checks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks","1.docs\u002Fv3\u002F6.concepts\u002F04.checks",{"title":109,"path":110,"stem":111},"Risks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks","1.docs\u002Fv3\u002F6.concepts\u002F05.risks",{"title":113,"path":114,"stem":115},"Verdicts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fverdicts","1.docs\u002Fv3\u002F6.concepts\u002F06.verdicts",{"title":117,"path":118,"stem":119},"Policies","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpolicies","1.docs\u002Fv3\u002F6.concepts\u002F07.policies",{"title":121,"path":122,"stem":123},"Challenges","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchallenges","1.docs\u002Fv3\u002F6.concepts\u002F08.challenges",{"title":125,"path":126,"stem":127},"Concurrency","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fconcurrency","1.docs\u002Fv3\u002F6.concepts\u002F09.concurrency",{"title":129,"path":130,"stem":131},"Impossible travel","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fimpossible-travel","1.docs\u002Fv3\u002F6.concepts\u002F10.impossible-travel",{"title":133,"path":134,"stem":135},"Bots","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots","1.docs\u002Fv3\u002F6.concepts\u002F11.bots",{"title":137,"path":138,"stem":139},"Devices","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fdevices","1.docs\u002Fv3\u002F6.concepts\u002F12.devices",{"title":141,"path":142,"stem":143},"Fingerprints","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffingerprints","1.docs\u002Fv3\u002F6.concepts\u002F13.fingerprints",{"title":145,"path":146,"stem":147},"People","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpeople","1.docs\u002Fv3\u002F6.concepts\u002F14.people",{"title":149,"path":150,"stem":151},"Lists","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flists","1.docs\u002Fv3\u002F6.concepts\u002F15.lists",{"title":153,"path":154,"stem":155},"Account takeover","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-takeover","1.docs\u002Fv3\u002F6.concepts\u002F16.account-takeover",{"title":157,"path":158,"stem":159},"Account sharing","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-sharing","1.docs\u002Fv3\u002F6.concepts\u002F17.account-sharing",{"title":161,"path":162,"stem":163},"Fake account","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account","1.docs\u002Fv3\u002F6.concepts\u002F18.fake-account",{"title":165,"path":166,"stem":167},"Scraping","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fscraping","1.docs\u002Fv3\u002F6.concepts\u002F19.scraping",{"title":169,"path":170,"stem":171},"Linked accounts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts","1.docs\u002Fv3\u002F6.concepts\u002F20.linked-accounts",{"title":173,"path":174,"stem":175},"New IP","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fip","1.docs\u002Fv3\u002F6.concepts\u002F21.ip",{"title":177,"path":178,"stem":179},"Anonymizing network","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fanonymizing-network","1.docs\u002Fv3\u002F6.concepts\u002F22.anonymizing-network",{"title":181,"path":182,"stem":183},"Email quality","\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail","1.docs\u002Fv3\u002F6.concepts\u002F23.email",{"title":185,"path":186,"stem":187},"Velocity","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fvelocity","1.docs\u002Fv3\u002F6.concepts\u002F24.velocity",false,{"title":190,"path":191,"stem":192,"children":193,"page":188},"Advanced","\u002Fdocs\u002Fv3\u002Fadvanced","1.docs\u002Fv3\u002F7.Advanced",[194],{"title":195,"path":196,"stem":197},"Proxy setup","\u002Fdocs\u002Fv3\u002Fadvanced\u002Fproxy-setup","1.docs\u002Fv3\u002F7.Advanced\u002F1.Proxy-setup",{"id":199,"title":97,"body":200,"description":490,"extension":491,"meta":492,"navigation":493,"path":98,"rawbody":494,"seo":495,"stem":99,"__hash__":498},"docsv3\u002F1.docs\u002Fv3\u002F6.concepts\u002F02.actions.md",{"type":201,"value":202,"toc":477},"minimark",[203,207,224,229,232,239,246,275,281,323,328,333,348,352,378,383,388,406,410,436,443,446,450,462],[204,205,97],"h1",{"id":206},"actions",[208,209,210,211,215,216,219,220,223],"p",{},"An action is the user-initiated event you ask Rupt to judge. Every ",[212,213,214],"a",{"href":94},"evaluation"," is bound to exactly one action, and Rupt tunes its ",[212,217,218],{"href":106},"checks"," and ",[212,221,222],{"href":110},"risks"," to the threats most relevant to that flow.",[225,226,228],"h2",{"id":227},"the-reserved-actions","The reserved actions",[208,230,231],{},"V3 supports the following reserved actions:",[233,234,236],"h3",{"id":235},"login",[237,238,235],"code",{},[208,240,241,242,245],{},"A user authenticates to an existing account. Rupt prioritizes the following ",[243,244,222],"strong",{}," for this action:",[247,248,249,255,260,265,270],"ul",{},[250,251,252],"li",{},[212,253,254],{"href":154},"account takeover",[250,256,257],{},[212,258,259],{"href":158},"account sharing",[250,261,262],{},[212,263,264],{"href":134},"bot activity",[250,266,267],{},[212,268,269],{"href":166},"scraping",[250,271,272],{},[212,273,274],{"href":170},"linked accounts",[208,276,277,278,280],{},"Rupt infers those risks from the following ",[243,279,218],{},":",[247,282,283,288,293,298,303,308,313,318],{},[250,284,285],{},[212,286,287],{"href":142},"new fingerprint",[250,289,290],{},[212,291,292],{"href":174},"new IP",[250,294,295],{},[212,296,297],{"href":130},"impossible travel",[250,299,300],{},[212,301,302],{"href":178},"anonymizing network",[250,304,305],{},[212,306,307],{"href":126},"concurrent sessions",[250,309,310],{},[212,311,312],{"href":138},"device count",[250,314,315],{},[212,316,317],{"href":186},"velocity",[250,319,320],{},[212,321,322],{"href":170},"shared fingerprint",[233,324,326],{"id":325},"signup",[237,327,325],{},[208,329,330,331,245],{},"A new user is created. Rupt prioritizes the following ",[243,332,222],{},[247,334,335,340,344],{},[250,336,337],{},[212,338,339],{"href":162},"fake account",[250,341,342],{},[212,343,264],{"href":134},[250,345,346],{},[212,347,274],{"href":170},[208,349,277,350,280],{},[243,351,218],{},[247,353,354,359,364,369,374],{},[250,355,356],{},[212,357,358],{"href":182},"disposable email",[250,360,361],{},[212,362,363],{"href":182},"invalid email",[250,365,366],{},[212,367,368],{"href":182},"unverified email",[250,370,371],{},[212,372,373],{"href":182},"webmail email",[250,375,376],{},[212,377,322],{"href":170},[233,379,381],{"id":380},"access",[237,382,380],{},[208,384,385,386,245],{},"A page view or app open. Rupt prioritizes the following ",[243,387,222],{},[247,389,390,394,398,402],{},[250,391,392],{},[212,393,259],{"href":158},[250,395,396],{},[212,397,264],{"href":134},[250,399,400],{},[212,401,269],{"href":166},[250,403,404],{},[212,405,274],{"href":170},[208,407,277,408,280],{},[243,409,218],{},[247,411,412,416,420,424,428,432],{},[250,413,414],{},[212,415,307],{"href":126},[250,417,418],{},[212,419,297],{"href":130},[250,421,422],{},[212,423,312],{"href":138},[250,425,426],{},[212,427,317],{"href":186},[250,429,430],{},[212,431,302],{"href":178},[250,433,434],{},[212,435,322],{"href":170},[233,437,439,442],{"id":438},"custom-actions-coming-soon",[237,440,441],{},"custom actions"," (coming soon)",[208,444,445],{},"A custom action is one that you define. You can use this to protect any user-facing flow that doesn't fit into the reserved actions. Each risk contains checks that are derived from signals. In the dashboard, you can create a custom risk, define the checks and signals that contribute to it as well as the weight of each check based on the outcome as well as the level of severity based on the score.",[225,447,449],{"id":448},"choosing-the-right-action","Choosing the right action",[208,451,452,453,219,456,458,459,461],{},"Pick the action that matches the user-facing flow you are protecting. The underlying ",[212,454,455],{"href":102},"signals",[212,457,218],{"href":106}," are shared across all actions; the difference is which combinations Rupt weights most heavily and which ",[212,460,222],{"href":110}," get scored.",[208,463,464,465,467,468,470,471,473,474,476],{},"V3 grew out of the v2 account-sharing focus (",[237,466,380],{},") but now covers more of the fraud surface: ATO via ",[237,469,235],{},", fake accounts via ",[237,472,325],{},", and sharing via ",[237,475,380],{},". There will be more actions in the future.",{"title":478,"searchDepth":479,"depth":479,"links":480},"",2,[481,489],{"id":227,"depth":479,"text":228,"children":482},[483,485,486,487],{"id":235,"depth":484,"text":235},3,{"id":325,"depth":484,"text":325},{"id":380,"depth":484,"text":380},{"id":438,"depth":484,"text":488},"custom actions (coming soon)",{"id":448,"depth":479,"text":449},"[object Object]","md",{},true,"---\ntitle: Actions\ndescription: An action is the user-initiated event you ask Rupt to judge: login, signup, or access. Each tunes Rupt's checks and risks to the threats most relevant to that flow.\n---\n\n# Actions\n\nAn action is the user-initiated event you ask Rupt to judge. Every [evaluation](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fevaluations) is bound to exactly one action, and Rupt tunes its [checks](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks) and [risks](\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks) to the threats most relevant to that flow.\n\n## The reserved actions\n\nV3 supports the following reserved actions:\n\n### `login`\n\nA user authenticates to an existing account. Rupt prioritizes the following **risks** for this action:\n\n- [account takeover](\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-takeover)\n- [account sharing](\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-sharing)\n- [bot activity](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots)\n- [scraping](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fscraping)\n- [linked accounts](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\nRupt infers those risks from the following **checks**:\n\n- [new fingerprint](\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffingerprints)\n- [new IP](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fip)\n- [impossible travel](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fimpossible-travel)\n- [anonymizing network](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fanonymizing-network)\n- [concurrent sessions](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fconcurrency)\n- [device count](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fdevices)\n- [velocity](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fvelocity)\n- [shared fingerprint](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\n### `signup`\n\nA new user is created. Rupt prioritizes the following **risks** for this action:\n\n- [fake account](\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account)\n- [bot activity](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots)\n- [linked accounts](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\nRupt infers those risks from the following **checks**:\n\n- [disposable email](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail)\n- [invalid email](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail)\n- [unverified email](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail)\n- [webmail email](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail)\n- [shared fingerprint](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\n### `access`\n\nA page view or app open. Rupt prioritizes the following **risks** for this action:\n\n- [account sharing](\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-sharing)\n- [bot activity](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots)\n- [scraping](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fscraping)\n- [linked accounts](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\nRupt infers those risks from the following **checks**:\n\n- [concurrent sessions](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fconcurrency)\n- [impossible travel](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fimpossible-travel)\n- [device count](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fdevices)\n- [velocity](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fvelocity)\n- [anonymizing network](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fanonymizing-network)\n- [shared fingerprint](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts)\n\n### `custom actions` (coming soon)\n\nA custom action is one that you define. You can use this to protect any user-facing flow that doesn't fit into the reserved actions. Each risk contains checks that are derived from signals. In the dashboard, you can create a custom risk, define the checks and signals that contribute to it as well as the weight of each check based on the outcome as well as the level of severity based on the score.\n\n\u003C!-- FIXME: This is coming soon. -->\n\n## Choosing the right action\n\nPick the action that matches the user-facing flow you are protecting. The underlying [signals](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fsignals) and [checks](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks) are shared across all actions; the difference is which combinations Rupt weights most heavily and which [risks](\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks) get scored.\n\nV3 grew out of the v2 account-sharing focus (`access`) but now covers more of the fraud surface: ATO via `login`, fake accounts via `signup`, and sharing via `access`. There will be more actions in the future.\n",{"title":97,"description":496},{"An action is the user-initiated event you ask Rupt to judge":497},"login, signup, or access. Each tunes Rupt's checks and risks to the threats most relevant to that flow.","Y7gRGy9aM-9YLsNENA1dOEgB8MdA2d9xNOs9zGIaJmw",1780344893217]