Using individualized apis to block automated attacks on native apps and/or purposely exposed apis

1 . An API call filtering system that filters API calls received, via a network, from user devices that are network-connected and running endpoint app software and/or hardware, to secure an API service that accepts API call requests and provides API call responses thereto, wherein the API service is secured against excessive request iterations from a set of rogue user devices while allowing for ordinary volumes of requests of the user devices, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria, the API call filtering system comprising: memory for storing data; a processor that executes program code; program code for handling requests from user devices, the requests being requests received via a network interface from the user devices; program code for determining a unique endpoint identifier (“UEID”) for a received request, and wherein the UEID is specific to a requesting user device that made the received request, wherein the UEID of the received request is determined, at least in part, from a personalized application programming interface (“API”) processing of the received request; storage for a plurality of references to user devices, the references being to their corresponding unique endpoint identifiers (“UEIDs”); program code for verifying with the requesting user device that it is the user device associated with the UEID included in the request from the requesting user device; and filter controller program code for dropping, filtering and/or forwarding requests wherein the filter controller program code operates, at least in part, by recognizing the UEIDs of the requests. 2 . The API call filtering system of claim 1 , wherein requests from user devices include requests to authenticate the user device with respect to a secured account maintained at or for the API service. 3 . The API call filtering system of claim 1 , wherein the program code for verifying includes a public key module that can encrypt a challenge message using a public key of a public key pair associated with one or more UEIDs and check signing of challenge reply messages. 4 . The API call filtering system of claim 3 , wherein the challenge message includes a random, semi-random, or pseudorandom number. 5 . The API call filtering system of claim 1 , wherein one or more of the program code for handling requests, program code for determining the UEID for the received request, the storage for the plurality of references to user devices, the program code for verifying, and/or the filter controller program code are resident at, and/or executed by, the secured API service. 6 . A user device that executes at least one endpoint app that sends API requests via a network to an API service that has been secured against excessive request iterations from a set of rogue user devices while allowing for ordinary volumes of requests from the user devices, the user device comprising: a processor; program code, executable by the processor, for processing data about, by, or for one or more endpoint apps that execute on a user device; storage for one or more unique end point identifier (“UEID”), wherein at least one UEID is associated with the one or more endpoint apps and the at least one UEID is specific to the user device; program code, executable by the processor, for responding to challenge messages challenging the UEID, wherein a response to a challenge message comprises information indicating that the response was generated using the one or more endpoint apps with which the UEID is associated; and program code for generating requests to be sent over the network to an API call filtering system and/or an API service while identifying the endpoint app in the requests using the UEID associated with that endpoint app, such that requests from rogue user devices can be distinguished from ordinary user devices. 7 . The user device of claim 6 , wherein the one or more UEID is associated with a limited address space to reduce an ability of an unauthorized device to use multiple UEIDs in order to hide a source of excessive request iterations. 8 . The user device of claim 7 , wherein the limited address space is provided by association of UEID requests with telephone numbers. 9 . The user device of claim 6 , further comprising storage for a private key of a public key infrastructure (“PKI”) key pair, wherein the private key used at least to encrypt challenge responses thereby signaling that the user device has access to the private key. 10 . The user device of claim 6 , wherein the requests generated by program code for generating requests are requests directed to be sent over the network to the API call filtering system. 11 . The user device of claim 6 , wherein the requests generated by the program code for generating requests are requests directed to be sent over the network to the API service. 12 . In a secured network environment, wherein a computing system that services application programming interface (“API”) calls is connected to a network that allows for authorized user devices to initiate such API calls and also allows for unauthorized user devices to initiate such API calls, a method of detecting at least some unauthorized API calls, the method comprising: receiving, over the network, an API call from a requesting user device; identifying a unique end-point identifier (“UEID”) of the requesting user device based on data provided with the API call, wherein the UEID is usable to distinguish the requesting user device from other user devices; checking the UEID against a stored plurality of references to user devices' corresponding unique endpoint identifiers (“UEIDs”); verifying that the requesting user device is the user device associated with the UEID included in the API call from the requesting user device; and filtering out API call requests, based on the UEID and its determined validity. 13 . The method of claim 12 , wherein filtering out requests comprises: determining a rule for distinguishing excessive request iterations from a specific user device from an ordinary volume of request iterations from the specific user device; and securing the API call requests against excessive request iterations from a set of user devices while allowing for ordinary volumes of requests from the set of user devices, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria. 14 . The method of claim 13 , wherein securing the API call requests against excessive request iterations comprises dropping requests using invalid UEIDs, dropping requests for a given UEID that are deemed excessive requests according to the rule, and forwarding requests deemed, according to the rule, to be for ordinary volumes of requests from valid UEIDs. 15 . The method of claim 12 , wherein at least one of the API calls authenticates user devices with respect to a secured account maintained by the API service. 16 . The method of claim 12 , wherein verifying comprises: encrypting a challenge message using a public key of a public key pair associated with one or more UEIDs; and checking digital signatures of challenge reply messages. 17 . The method of claim 16 , wherein the challenge message includes a random, semi-random, or pseudorandom number. 18 . The API call filtering system of claim 1 , wherein the filter controller program code filters b