Skip to main content

Documentation Index

Fetch the complete documentation index at: https://documentation.uponai.com/llms.txt

Use this file to discover all available pages before exploring further.

UponAI provides fraud protection features to help you prevent abuse of your voice AI agents. These features complement the general abuse prevention measures and give you fine-grained control over how your agents are accessed.

Rate Limiting

When using public keys to authenticate calls from your frontend, you can enable fraud protection to automatically rate limit requests based on IP address and destination phone number.

Enabling Fraud Protection

1

Navigate to Public Keys

Go to Public Keys in your UponAI dashboard.
2

Select your public key

Click on the public key you want to configure.
3

Enable fraud protection

Toggle on Fraud Protection and save your changes.

How It Works

When fraud protection is enabled on a public key:
  • Requests are rate limited based on the combination of the caller’s IP address and the destination phone number
  • This prevents bad actors from using the same IP to spam calls to premium rate numbers
  • Rate limiting applies to outbound phone calls and SMS initiated via public key authentication
For maximum protection, combine fraud protection with Google reCAPTCHA to prevent bot abuse.

Geographic Restrictions

Restrict which countries are allowed to make inbound calls to your UponAI phone numbers, and which countries your numbers can call outbound. This helps prevent International Revenue Sharing Fraud (IRSF) and limits exposure to unwanted traffic.

Allowed Inbound Countries

1

Navigate to Phone Numbers

Go to Phone Numbers in your UponAI dashboard.
2

Select a phone number

Click on the number you want to configure.
3

Set allowed inbound countries

Under Allowed Inbound Countries, add the countries that should be allowed to call this number. Changes save automatically.
When configured, calls from countries not on the list are automatically rejected.

Allowed Outbound Countries

1

Navigate to Phone Numbers

Go to Phone Numbers in your UponAI dashboard.
2

Select a phone number

Click on the number you want to configure.
3

Set allowed outbound countries

Under Allowed Outbound Countries, add the countries this number should be allowed to call. Changes save automatically.
When configured, outbound calls to countries not on the list are blocked.

Configure via API

# Set geographic restrictions
curl -X PATCH "https://api.uponai.com/update-phone-number/+14155551234" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_inbound_country_list": ["US", "CA", "GB"],
    "allowed_outbound_country_list": ["US", "CA"]
  }'
Use ISO 3166-1 alpha-2 country codes (e.g., US, CA, GB). 
# Remove restrictions
curl -X PATCH "https://api.uponai.com/update-phone-number/+14155551234" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_inbound_country_list": null,
    "allowed_outbound_country_list": null
  }'

Sanctioned Countries

The following countries are always blocked regardless of your configuration:
CountryCode
CubaCU
IranIR
North KoreaKP
SyriaSY
RussiaRU
BelarusBY
VenezuelaVE
Calls to or from these countries are automatically rejected.

Best Practices

  • Enable fraud protection on all public keys — adds an extra layer of protection at minimal cost
  • Combine with reCAPTCHA — use both fraud protection and reCAPTCHA for web-initiated calls to prevent bot abuse
  • Start with restrictive country lists — begin with only the countries you need and expand as necessary
  • Monitor for blocked calls — use webhooks to track when calls are blocked due to geographic restrictions
  • Review regularly — periodically review your country restrictions to ensure they match your current business needs