Using Individualized APIs to Block Automated Attacks on Native Apps and/or Purposely Exposed APIs with Forced User Interaction

US2016014084A1 · US · A1

Patent metadata
Publication number: US-2016014084-A1
Application number: US-201514691540-A
Country: US
Kind code: A1
Filing date: Apr 20, 2015
Priority date: Jul 9, 2014
Publication date: Jan 14, 2016
Grant date: none listed

Abstract

Official abstract text for this publication.

An API call filtering system filters responses to API call requests received, via a network, from UEs. The API call filtering system is configured to require personalized API call requests wherein each API call (except for some minor exceptions) includes a unique UE identifier (“UEIN”) of the UE making the request. Using the UEIN, the web service or other service protected by the API call filtering system can be secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests from the UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.

First claim

Opening claim text (preview).

What is claimed is:

1. An API call filtering system that filters API calls received, via a network, from UEs that are network-connected and running UE app software and/or hardware, to secure an API service that accepts API call requests and provides API call responses thereto, wherein the API service is secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests of the UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria, the API call filtering system comprising: a request handler, coupled to a network interface, for handling requests from UEs; a UE identifier, coupled to the request handler, for determining an identity of a requesting UE based on a personalized application programming interface (“API”) processing of a received request; storage for a plurality of references to UEs, references to their corresponding unique UE identifiers (“UEINs”); a verifier for verifying with the requesting UE that it is the UE associated with the UEIN included in the request from the requesting UE; and a filter controller for dropping, filtering and/or forwarding requests for ordinary volumes of requests, wherein the filter controller operates, at least in part, by recognizing the UEINs of the requests, thereby allowing the filter controller to filter out excessive requests from unrecognized UEs and UEs that are issuing what is deemed to be excessive request iterations.

2. The API call filtering system of claim 1, wherein requests from UEs include requests to authenticate the UE with respect to a secured account maintained at or for the API service.

3. The API call filtering system of claim 1, wherein the verifier for verifying includes a public key module that can encrypt a challenge message using a public key of a public key pair associated with one or more UEINs and check signing of challenge reply messages.

4. The API call filtering system of claim 3, wherein the challenge message includes a random, semi-random, or pseudorandom number.

5. The API call filtering system of claim 1, wherein one or more of the request handler, the UE identifier, the storage for a plurality of references to UEs, the verifier, and/or the filter controller are integrated into the secured API service.

6. A UE that executes at least one UE app that sends API requests via a network to an API service that has been secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests from the UEs, the UE comprising: an app initiator that processes data about, by, or for one or more UE apps that execute on a UE; storage for one or more UEINs, wherein at least one UEIN is associated with the one or more UE apps; and a request generator, that generates requests to be sent over the network to an API call filtering system and/or an API service while identifying the UE app in the requests.

7. The UE of claim 6, wherein UEINs are associated with a limited address space to reduce an ability of an unauthorized UE to use multiple UEINs in order to hide a source of excessive request iterations.

8. The UE of claim 7, wherein the limited address space is provided by association of UEIN requests with telephone numbers.

9. The UE of claim 6, further comprising storage for a private key of a public key infrastructure (“PKI”) key pair, wherein the private key is used at least to encrypt challenge responses, thereby signaling that the UE has access to the private key.

10. The UE of claim 6, wherein the requests generated by the request generator are requests directed to be sent over the network to the API call filtering system.

11. The UE of claim 6, wherein the requests generated by the request generator are requests directed to be sent over the network to the API service.

12. In a secured network environment, wherein a computing system that services application programming interface (“API”) calls is connected to a network that allows for authorized UEs to initiate such API calls and also allows for unauthorized UEs to initiate such API calls, a method of detecting at least some unauthorized API calls, the method comprising: receiving, over the network, an API call from a UE; identifying a UE identifier supplied by the UE based on data provided with the API call; checking that UE identifier against a stored plurality of references to UEs' corresponding unique UE identifiers (“UEINs”); verifying that the requesting UE is the UE associated with the UEIN included in the request from the requesting UE; and filtering out API call requests, based on the UEIN and its determined validity.

13. The method of claim 12, wherein filtering out requests comprises securing the API call requests against excessive request iterations from a set of UEs while allowing for ordinary volumes of requests from the set of UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.

14. The method of claim 13, wherein securing the API call requests against excessive request iterations comprises dropping requests using invalid UEINs, dropping requests for a given UEIN that are deemed excessive requests, and forwarding requests for ordinary volumes of requests from valid UEINs.

15. The method of claim 12, wherein at least one of the API calls authenticates UEs with respect to a secured account maintained by the API service.

16. The method of claim 12, wherein verifying comprises: encrypting a challenge message using a public key of a public key pair associated with one or more UEINs; and checking digital signatures of challenge reply messages.

17. The method of claim 16, wherein the challenge message includes a random, semi-random, or pseudorandom number.
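The method of claim 12 (identify the UEIN, check it against the registry, verify possession of the per-UEIN key with a challenge, then filter on volume) as an added Python example; this is illustrative code, not the patent's or Shape Security's implementation. It assumes a constructed two-entry registry and a fixed 5-requests-per-60-seconds criterion, and it substitutes an HMAC over a per-UEIN secret for the patent's public-key signature check, so the verification step is a labelled stand-in rather than PKI.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict, deque

# Constructed registry: UEIN -> per-device secret. Stand-in for the patent's
# public-key pair; a real verifier would store the UE's public key and check a
# signature over the challenge instead of an HMAC.
REGISTRY = {"UEIN-0001": b"secret-one", "UEIN-0002": b"secret-two"}

# Predetermined criterion (assumed): at most MAX_REQ accepted requests per
# UEIN within a sliding WINDOW of seconds.
MAX_REQ, WINDOW = 5, 60.0
_history = defaultdict(deque)  # UEIN -> timestamps of forwarded requests


def issue_challenge():
    """Verifier side: a fresh pseudorandom nonce sent to the requesting UE."""
    return os.urandom(16)


def ue_sign(secret, challenge):
    """UE side: prove possession of the per-UEIN secret (stand-in for signing)."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def filter_request(uein, challenge, reply, now=None):
    """Filter controller: returns 'forward' or a 'drop:<reason>' string."""
    now = time.monotonic() if now is None else now
    # Step 1: check the supplied UEIN against the stored references.
    secret = REGISTRY.get(uein)
    if secret is None:
        return "drop:unrecognized-uein"
    # Step 2: verify the challenge reply proves control of that UEIN's key.
    if not hmac.compare_digest(ue_sign(secret, challenge), reply):
        return "drop:verification-failed"
    # Step 3: apply the volume boundary per UEIN (drop excessive iterations).
    hist = _history[uein]
    while hist and now - hist[0] > WINDOW:
        hist.popleft()
    if len(hist) >= MAX_REQ:
        return "drop:excessive-iterations"
    hist.append(now)
    return "forward"
```

A production verifier issues a new challenge for every request and rejects replies to stale or reused challenges; the example reuses one nonce only to keep the test short.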

Assignees

Shape Security Inc

Inventors

Classifications

  • wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30) · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title

  • for controlling access to devices or network resources · CPC title

  • Filtering by information in the payload · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Shape Security Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0245. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 14, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).