Security issue in API fixed

We’ve identified and corrected a content spoofing issue in the API server for Thanks to Nessim Jerbi for identifying and reporting this security bug, as well as recommending a fix.

Our 404 handler on the API server would echo the erroneous path in its error message. An attacker could craft a path that would inject text into the error message for other users, giving the impression that it was an official message from

We’re not aware of any abuse of this bug having occurred. The bug has been patched on our servers and does not require any updates to client software or SDKs.

Build Fraud Detection Into Your Apps

There are a number of fraud detection tools available on the market, but for some companies, it’s important to have greater control over how the fraud scoring algorithms work and to have them keep learning and improving using machine learning. Our team has put together a demo and some sample code to show how you can build this with

fraud score

For this example, let’s assume that is being used by a company with an online store, where customers order products online. After running their business for a year, they’ve noticed that all of the following factors often indicate that a transaction is fraudulent:

  • Transactions from new users
  • Transactions much larger than the online store’s average size
  • Mismatches and very large distances between the billing address, shipping address, phone number location and IP address location

They also noticed that in addition to the points above, some lesser indicators of fraud are:

  • Using the most expensive shipping option might indicate fraud
  • Multiple credit cards used from same IP increases fraud
  • Multiple credit cards shipping to the same address increases fraud


With, you could quickly build an agent based on these rules and get a fraud score in real-time for each transaction. In fact, we built one and created a demo interface you could use to try it out:

Visit our Fraud Detection demo site

We’ve also made all of the code behind this demo available. Check it out on GitHub.

Using a Chatbot to Offer Dynamic Promo Codes

Chatbots have become a really popular way for companies to interact with customers. Most chatbot experiences, though, are pretty static. As a developer, you need to set up a messaging flow with content that doesn’t change much based on user interaction.

Some of our users have discovered that you can use along with most chatbot frameworks to create a much more personalized experience for your customers. Some examples include offering dynamic promotions based on user behavior, and recommending the most appropriate products.

To show this in action, we’ve built a sample bot that we call the Promobot. You can chat with Promobot on Facebook Messenger and based on how you answer the questions it asks, Promobot will offer you a personalized discount on your subscription. Promobot is built using’s Botkit toolkit.

Here’s a sample chat with Promobot:

dynamic chatbot coupon.png

Behind the scenes, is taking the data from the chat responses to predict the discount most likely to result in a purchase. To get started, the agent powering the discount decision is a pretty simple one. It’s based on these 5 rules:

IF hasAccount IS no THEN discount IS high
IF hasAccount IS yes THEN discount IS low
IF tutorial IS no THEN discount IS high
IF tutorial IS yes THEN discount IS low
lastAPICall INCREASES discount

And the discount that Promobot offers in our example ranges from 0% to 20% based on the user’s responses.

Once Promobot offers the user a discount code, it then uses’s machine learning to automatically optimize its rules to offer the lowest effective discount possible.

chatbot machine learning.png

In our example, Promobot does this by asking the user if they plan on using the discount code and then providing that feedback to In real implementations, you might send this feedback to once the user actually makes a purchase.

The feedback Promobot provides is the % of full price paid by the customer. So, if Promobot offers a 15% discount and the customer says they plan to use it, Promobot sends “85” (100% minus 15%) to If the customer says they don’t plan to use it, then we consider it a lost sale and Promobot sends “0” (zero) to’s machine learning algorithms are seeking to maximize this value, and will automatically optimize the rules to get the highest possible result.

This is a simple example, but a more complex one could include dozens of questions and external data to create a truly personalized experience.

Please feel free to chat with Promobot on Facebook Messenger and check out the project’s code on GitHub to fork it for your own bots.


How to Create Custom User Scores for Intercom

Some of our Google Sheets Add-on beta users have been using it to do some really interesting stuff. One of my favorites is the company that is using it to identify their best customers by creating custom user scores using and user data from Intercom.


Here’s how you can build something similar:

Gather Data

First, export user data from Intercom (Instructions here) and upload it to a new Google Sheet. It should look something like this:

intercom data@2x.png

Given all of the data available in Intercom, you can really easily do a lot here. To get started, let’s narrow it down to a few columns:

sample columns.png

With these columns, we can easily get a few useful facts about each customer:

  • How long has it been since they signed up
  • How long since their last login
  • How many times they’ve logged in
  • Whether they’re on a free or paid plan

You can add columns and use an easy formula in Google Sheets to calculate the number of days between today and the Signed up and Last seen dates:


And an if/then statement to show whether or not the user is on a paid plan:

=if(P2 = "free", 0, 1)

The result is a sheet like this:

columns with formulas.png

(To help you get started quickly, here’s a copy of this spreadsheet. Just go to the File > Make a Copy menu to make a copy of it in your own Google account.)

Set Up Your Rules

If you don’t already have a account, you can sign up here to try it for free.

Next, let’s decide on a few rules to start things off. These are a pretty obvious place to start:

  1. The longer it’s been since a user signed up, the better, so a larger number of days here is good.
  2. The shorter it’s been since a user last logged in, the better, so a smaller number of days is best.
  3. The more times a user has logged in, the better, so a larger number here is also good.
  4. A user on a paid plan is better than one on a free plan.

Let’s also say that rules 2,3 and 4 are much stronger signals than rule 1, so we can give rule 1 a lower weight.

Here’s what those rules might look like in


intercom scoring rules@2x.png

(Follow this link and click on Create to make a copy of this agent in your own account)

Take note of your API key and the Agent ID of the agent you created above. You’ll need them for the next step.

Calculate User Scores

If you haven’t already made a copy of the sample spreadsheet above, you can do that here.

Next, install the Google Sheets add-on.

Once the add-on is installed, go back to the Add-ons menu > > Settings and enter your API key and Agent ID.

With the Google Sheets add-on, you can use the function =FUZZYAI() to send data to and display the result. It expects inputs in the following format:

=FUZZYAI(<name of input 1>, <value of input 1>, <name of input 2>, <value of input 2>, etc)

So for this example, paste this formula into cell B2 (in the User Score column):

=FUZZYAI("daysSinceSignup", D2, "daysSinceLastSeen", F2, "webSessions", G2, "paidPlan", I2)

A score should appear in that column. Just copy and paste that formula into B3 -> B10 to get the rest of the scores.

Set This Up For Yourself in 5 Steps

  1. Create a sample User Score agent in your account by following this link and clicking on Create. (If you don’t already have a account, sign up here to try it for free.)
  2. Take note of your API key (found on your dashboard) and the Agent ID of the User Score agent you created in step 2.
  3. Go to this sample Google Sheet and make a copy of it in your own Google account.
  4. Add the Google Sheets add-on to that sheet.
  5. Copy the FUZZYAI formula shown above to cell B2.

And with that, you should have a working version of this example! Try changing some of the data in the spreadsheet to see how it affects the score.

Other Ideas

The goal here, of course, is to show a pretty simple example of how to do this. We’ve seen users do similar things to create lead scoring, do churn risk analysis, and much more.

Some of our users have built agents to do this type of user score and then send that score back to Intercom daily as custom user attributes.


Use in Google Sheets with our new add-on

We’re excited to announce the release of a add-on for Google Sheets. With this add-on, you can test your agents directly in Google Sheets without having to do any integration with code.

To get started, follow this link or go to the listing on the Google Sheets Add-on Marketplace and install the add-on.

Once it’s installed, go to Add-ons > > Settings and put in your API key and the ID of the agent you’d like to use.

Fuzzyai Google Sheets Settings@2x.png

Once you’ve entered your API Key and Agent ID, you can make a call to using this formula:

=FUZZYAI("<name of first input>", <location of first input value>, "<name of second input>", <location of second input value>, etc...)

For example:

=FUZZYAI("Number of shares", A2, "Number of likes", B2, "Age in minutes", C2)

This add-on is a quick and easy way to start using without any code at all. Try it out and let us know what you think!

(Bonus for developers: If you’re curious to learn more about how the add-on works, check out the project on GitHub and file issues for any comments/feedback.)

How to Build Your Own Product Recommendation Engine

A common application of is in powering custom recommendation engines. For many companies, generic solutions don’t offer enough flexibility (or require too much work manually setting up links between all of the different products in the catalog), and building a custom recommendation engine from scratch requires way too much time and effort.

To show how easily it can be done, we’ve put together an open source Product Recommendation plugin for Drupal Commerce stores that lets anyone spin up their own product recommendation engine with

You can see this recommendation engine in action on our demo store:


How Do The Recommendations Work?

When a user is looking at a product page on an online store, the goal of this recommendation agent is to identify the other products in the catalog that might be relevant.

The way differs from other machine learning platforms is that we let developers encode their own knowledge about how a system should work as a set of rules. The API uses those rules to provide recommendations. Over time, as feedback is sent to on how well the rules performed, the API learns and improves automatically.

In our sample recommendation agent, we identified a few rules that might show affinity between the current product and each of the other products in the catalog:

  • If the current product and another product are in the same category, it’s likely to be a good recommendation
  • If the current product and another product are not in the same category, it’s less likely to be a good recommendation
  • If the current product and another product have very different prices, it’s less likely to be a good recommendation (i.e. it decreases affinity)
  • If many customers who bought the current product also bought another product, that’s likely to be a very good recommendation (i.e. it increases affinity)
  • If the current product and another product have many of the same words in their titles, it’s likely to be a good recommendation (i.e. it increases affinity)
  • If the current product and another product have many of the same works in their descriptions, it’s likely to be a good recommendation (i.e. it increases affinity)

Here’s what those rules look like when created within


Keep in mind that these were purposely chosen because they can work generically for many online stores. Specific stores may have other rules that make sense, for example, a clothing store may want to show products for the same season and so might add rules like:

  • If sameSeason is true then affinity is high
  • If sameSeason is false then affinity is very low

What’s Next?

If you want to try it for yourself, sign up for a account and follow the instructions in the Drupal Commerce Recommendation Engine plugin on GitHub.

This project is meant as a starting point. Every developer will likely have their own modifications to make to the rules and integration in their ecommerce platform.

In an upcoming blog post, we’ll talk about how to add feedback into this recommendation engine so that it can learn based on actual customer behavior over time.