Bypassing Robinhood's Flagging System

Placing API Option Orders via Bimodal Gaussian Distribution

3-min read

I thought a good weekend project would be to play with Robinhood’s unofficial API and zero commissions and see if it would be possible to create a profitable algo strategy. What followed was a USD$1000 deposit, a potentially restricted account, and a passive-aggressive email from Management. Here, I write about alternative brokers and how I’m planning on bypassing these restrictions. If you’re only looking for the code head straight down to the last section.

Caught with your Hand in the Cookie Jar

I know, I should have flown under the radar, been more diligent. I was! At least with the headers I sent across with each request (User-Agent/ Referrer, etc). But to be completely honest I’m sure the folks at the Robinhood headquarters have more sophisticated ways of flagging an account, whether that is through unique timing characteristics and order of operations which can be used to fingerprint the app to detect direct access. It is a very common machine learning application to detect bot automation; tech is available right off the shelf. Given their track record, I’m not surprised that they’re terrified of people using the API directly — it likely exposes them to more risk from their own corner-cutting.

I’ve read that the email I received isn’t uncommon. Adding a 5-second delay between orders seemingly isn’t enough and my account was inadvertently flagged by customer support. If you continue to use RH you need to submit requests as a regular user would, not ~390 a day (to stay under the professional trader limit).

The number is interesting because the exchange is only open for 6.5 hrs/ day (exactly 390 minutes). It seems like the limit is designed to keep trades to about one per minute.

To combat these restrictions, I export and count all of my trades. Once I have hit my monthly cap, my program doesn’t run until the following month. Anyway, I’m digressing. Now one might say, ‘why don’t you use an actual brokerage that supports algorithmic trading?’

Meaningless Metrics, Countless Choices

The problem is my strategy only applies when I’m trading options with zero commission. Some people might say if my strat breaks with this initial upfront cost, then it sucks. Whatever, it’s low risk and works for me. Let’s look at what the free market has to offer:

  1. TD Ameritrade — USD $0.65/ contract

    Some back of the envelope calculations — with a lower limit of ~200 trades/ day, and a $1.30 round-trip, TD will cost me $4,000 a month.

  2. Interactive Brokers won’t scam me on the spread like Robinhood, provides better support, and much better order execution/ fill. Also tiered option pricing. You may get rebates depending on if you’re providing enough liquidity

    Will unlock wider delta spreads and probably have more of an upside meaning more $$$ but IB is my main and Robinhood is my play account. Don’t mix business with pleasure.

  3. But Tradier does free options for $30/ month?!

    Last I checked, they don't actually support OTO/OCO/OTOCO orders yet... even though it is in the docs. There are a few rough edges but haven't had any notable trading failures. I had issues with their historical options price data and didn't bother digging deeper.

  4. Alpaca, as often mentioned, is great — but no options yet.

    It handy to have an Alpaca account for their free Polygon.io API key. Both Alpaca and Tradier have a decent data API/ streamer too, although it’s not IQFeed, etc.

  5. Maybe stick to Robinhood, and use an automation macro on their website. You won't have to roll the dice in regards to getting banned.

    Unfortunately, the website can get really delayed sometimes, so doing it through the API seemed more reliable. Worth looking at it if I can't get around the aforementioned triggers the signals the tech boys in Menlo Park are looking for.

Maybe I’m looking at this the wrong way. I went back to the email and dug deeper.

I guess I’ll stick with the latter.

The Meat

A fixed interval would be easy to detect on any brokerage’s API endpoints. Whenever I’m worried about the timing of requests I end up generating a bimodal Gaussian distribution. Maybe Poisson is better, but this is simple and gets the job done.

The words and math make it sound complicated but all you really need to use is pythons random package and tune it to make it look somewhat real:

from random import gauss, random
from time import sleep
s = random()
if s < 0.3:
  t = gauss(10, 2)
else:
  t = gauss(30, 5)
t = max(min(t,120), 5)
sleep(t)

You can get crazier than this and sample from multiple distributions or look into research on user behavior to try and best mimic a user. I knew a guy who wrote his own mouse driver with laplacian curves to mimic a user and avoid detection.

I’m not that particularly invested so I’ll stick to randomness.