Voipy Shield API

v1 · beta

A REST endpoint that classifies a call transcript (or SMS body) for scam/fraud signals. Powers Voipy Shield's in-house receptionist and is now available as a metered API for carriers, banks, and senior-care platforms integrating scam-screening into their own call flows.

Try it now

Paste a call transcript (or pick an example) and hit Classify. No signup; IP-rate-limited 5/min.

Base URL

https://voipy.app

Authentication

Every request must carry a Bearer token in the Authorization header. Keys are issued per customer and look like shd_ + 64 hex chars.

Authorization: Bearer shd_c1d5ce39197944eb56eeef956062cba01e77c593adc16c1239530b0bc0927bd2

Keys are shown once at create time. Store it immediately; it cannot be retrieved later. Compromised? Revoke from the admin console and issue a new one.

Rate limits

Per key	60 requests / minute
Burst	Soft — exceed briefly, expect 429 beyond the sustained cap
On overflow	HTTP 429 + `Retry-After` header (seconds). Rate-limited calls are NOT billable.

Higher limits available on request.

POST /api/shield/classify

Request

{
  "text": "This is the IRS. Your Social Security number has been suspended."
}

text	string · required · the caller's speech or SMS body

Response (200)

{
  "signals": [],
  "decision": {
    "final_action": "BLOCK_AND_TERMINATE",
    "confidence": 0.97,
    "claimed_organization": "IRS",
    "claimed_identity": "",
    "claimed_relationship": "",
    "purpose_of_contact": "collect back taxes",
    "request_type": "payment",
    "money_request": true,
    "payment_method_requested": "wire",
    "urgency_level": 0.85,
    "secrecy_request": false,
    "intimidation_or_legal_threat": true,
    "impersonation_suspicion": 0.95,
    "deepfake_or_synthetic_suspicion": 0.0,
    "asks_for_sensitive_info": ["ssn"],
    "reasons": ["impersonation:IRS", "intimidation", "ssn_request"],
    "channel": "voice"
  }
}

The top-level response is {signals, decision}. The decision object is where action lives.

final_action	one of `ALLOW`, `HOLD_FOR_STAFF_REVIEW`, `QUARANTINE_SMS`, `BLOCK_AND_TERMINATE`
confidence	float 0-1 · model's confidence in `final_action`
reasons	array · short tags that drove the decision
claimed_*	string · what the caller claimed to be / know
request_type	string · normalized intent tag (e.g. `payment`, `appointment_confirm`, `information`)
money_request	bool · did the caller explicitly request payment
urgency_level	float 0-1 · how urgent the ask was framed
impersonation_suspicion	float 0-1 · likelihood the caller is impersonating someone
deepfake_or_synthetic_suspicion	float 0-1 · TTS/cloning heuristics
asks_for_sensitive_info	array · kinds of info requested (`ssn`, `card`, `password`, …)
channel	string · `voice` or `sms` (inferred)

Errors

400	Missing `text` or malformed JSON
401	Missing / invalid / revoked API key
429	Per-key rate limit exceeded. See `Retry-After`.
502	Upstream classifier unavailable. Retry with backoff.
500	Something broke on our side. Not billed.

Billing

Usage is metered per successful request and billed monthly. Errors on our side (5xx) and rate-limited (429) calls are excluded. We invoice by calendar month; detailed daily breakdowns are available in your account manager's dashboard.

Want to pilot? Email anton@sdnbros.com with your company, expected volume, and use case. Pilots get a scoped key at no cost for two weeks.

SLA & uptime

Availability	99.9% (rolling 30d)
p50 latency	< 400ms
p99 latency	< 1.2s

Changelog

v1 · 2026-04-23 — beta launch. 60 req/min cap, billing excludes 4xx/5xx.