diff --git a/common/manager/MobileDeviceManager.php b/common/manager/MobileDeviceManager.php index cc4d8a0..edd67f9 100644 --- a/common/manager/MobileDeviceManager.php +++ b/common/manager/MobileDeviceManager.php @@ -111,4 +111,15 @@ class MobileDeviceManager extends BaseObject } + public function isMobileDeviceActivatedByIdCard($idCard){ + if ( !isset($idCard)){ + return false; + } + $device = MobileDevice::find()->andWhere(['id_card' => $idCard])->one(); + if ( !isset($device)){ + return false; + } + return isset($device->activated_at); + } + } diff --git a/common/models/Customer.php b/common/models/Customer.php index c5f11d2..81cf7c2 100644 --- a/common/models/Customer.php +++ b/common/models/Customer.php @@ -6,6 +6,7 @@ use Yii; use yii\base\Exception; use yii\base\InvalidConfigException; use yii\base\NotSupportedException; +use yii\filters\RateLimitInterface; use yii\web\IdentityInterface; /** @@ -42,7 +43,7 @@ use yii\web\IdentityInterface; * @property string password_hash * @property string auth_key */ -class Customer extends BaseFitnessActiveRecord implements IdentityInterface +class Customer extends BaseFitnessActiveRecord implements IdentityInterface, RateLimitInterface { const STATUS_DELETED = 0; @@ -339,4 +340,23 @@ class Customer extends BaseFitnessActiveRecord implements IdentityInterface } } + public function getRateLimit($request, $action) + { + return [1000,3600]; + // TODO: Implement getRateLimit() method. + } + + public function loadAllowance($request, $action) + { + // TODO: Implement loadAllowance() method. + return [1000,3600]; + + } + + public function saveAllowance($request, $action, $allowance, $timestamp) + { + // TODO: Implement saveAllowance() method. + return [1000,3600]; + + } } diff --git a/mobileapi/components/ActivatedFilter.php b/mobileapi/components/ActivatedFilter.php new file mode 100644 index 0000000..b96e11b --- /dev/null +++ b/mobileapi/components/ActivatedFilter.php 
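Review bot: `->one()` with no ordering makes the result of isMobileDeviceActivatedByIdCard depend on which row the database returns first whenever more than one MobileDevice row carries the same id_card, so a card activated on one device can read as not activated (or the reverse) because a second, unactivated row came back. If the intended meaning is "this card has been activated on some device", let the query say so and return a definite boolean: `return MobileDevice::find()->andWhere(['id_card' => $idCard])->andWhere(['not', ['activated_at' => null]])->exists();`. Note also that `!isset($idCard)` rejects only null, so an empty string still reaches the database, and the method has neither a return type nor a docblock although ActivatedFilter builds its accept/deny decision on it — `public function isMobileDeviceActivatedByIdCard($idCard): bool` with `/** True when a device row for this card has activated_at set; false for null input or no row. */` would pin the contract. Whether id_card is unique in the table is not visible here; if it is, only the typing and documentation points apply.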
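Review bot: `loadAllowance` returns the constant `[1000,3600]` and `saveAllowance` stores nothing, so if a `yii\filters\RateLimiter` is attached to a controller the allowance is recomputed from the same starting values on every request and no client is ever throttled; the RestController hunks in this commit do not attach one either, so for now RateLimitInterface is implemented in name only while the class declaration advertises it. The second element `loadAllowance` must return is the unix timestamp of the last save, not the window length, and `saveAllowance` is declared void by the interface, so its `return [1000,3600];` is dead code, as is the `// TODO` placed after the `return` in getRateLimit. Persist the pair per customer and action, for example in the application cache as sketched below (this assumes a cache component is configured; two columns on the customer row work the same way), and keep a TODO only where something is genuinely still missing.
```php
    public function loadAllowance($request, $action)
    {
        // [remaining allowance, unix time of the last save]; no entry means a full bucket as of now
        [$limit] = $this->getRateLimit($request, $action);
        return Yii::$app->cache->get($this->allowanceKey($action)) ?: [$limit, time()];
    }

    public function saveAllowance($request, $action, $allowance, $timestamp)
    {
        // keep the entry no longer than one window; after that a fresh bucket is correct anyway
        [, $window] = $this->getRateLimit($request, $action);
        Yii::$app->cache->set($this->allowanceKey($action), [$allowance, $timestamp], $window);
    }

    // per-customer, per-action key; getPrimaryKey() is the Customer row id
    private function allowanceKey($action): string
    {
        return 'rate-limit:' . $this->getPrimaryKey() . ':' . $action->getUniqueId();
    }
```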
@@ -0,0 +1,74 @@ +user->getIdentity(); + if (isset($customer)) { + $idCard = $customer->id_customer_card; + // find out if the device is activated + $mobileDeviceManager = new MobileDeviceManager(); + $activated = $mobileDeviceManager->isMobileDeviceActivatedByIdCard($idCard); + } + + // if device is not activated, throw exception with http status 412 + if ($activated === false) { + throw new HttpException( HttpStatus::PRECONDITION_FAILED,"Card not activated"); + } + } catch (HttpException $e) { + if ($e->statusCode === HttpStatus::PRECONDITION_FAILED && $this->isOptional($action)) { + return true; + } + throw $e; + } + return true; + } + + /** + * Checks, whether authentication is optional for the given action. + * + * @param Action $action action to be checked. + * @return bool whether authentication is optional or not. + * @see optional + * @since 2.0.7 + */ + protected function isOptional($action) + { + $id = $this->getActionId($action); + foreach ($this->optional as $pattern) { + if (StringHelper::matchWildcard($pattern, $id)) { + return true; + } + } + + return false; + } + + +} diff --git a/mobileapi/controllers/LoginController.php b/mobileapi/controllers/LoginController.php index 13698cd..baaf518 100644 --- a/mobileapi/controllers/LoginController.php +++ b/mobileapi/controllers/LoginController.php @@ -59,8 +59,14 @@ class LoginController extends RestController protected function getOptionalActions() { + // user must not be logged in to call this actions return ['login']; } + protected function getOptionalActivatedActions() + { + // user must not be activated to call this actions + return ['login']; + } } diff --git a/mobileapi/controllers/PingController.php b/mobileapi/controllers/PingController.php index 8f2b2ed..d0db3b4 100644 --- a/mobileapi/controllers/PingController.php +++ b/mobileapi/controllers/PingController.php 
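Review bot: `$activated` is assigned only inside `if (isset($customer))`, so for a request that carries no identity the later test `if ($activated === false)` sees an undefined (null) value, the 412 is never thrown and the filter fails open — unless the variable is initialized in the opening lines of beforeAction, which are not visible in this hunk as rendered (everything before `user->getIdentity();`, including the class header and property declarations, is missing). Declare `$activated = false;` ahead of the identity lookup so an unauthenticated caller counts as not activated and only the actions listed in `optional` get through. Throwing an HttpException and immediately catching it just to consult `isOptional($action)` is also roundabout; checking `if ($this->isOptional($action)) { return true; }` first would skip the device lookup for exempt actions and remove the try/catch. The isOptional docblock still says "authentication" and carries `@since 2.0.7`, which reads as copied from yii\filters\auth\AuthMethod; reword it to "whether the activation check is optional for the given action" and drop the tag.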
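Review bot: The comment `// user must not be logged in to call this actions` states the opposite of what the optional list does — it exempts `login` from the check, it does not forbid logged-in callers — and has a grammar slip; the same wording recurs in both new PingController methods in the next file. Suggested: `// actions callable without being logged in` for getOptionalActions and `// actions callable before the card is activated` for getOptionalActivatedActions.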
@@ -25,6 +25,18 @@ class PingController extends RestController Yii::$app->response->setStatusCode( HttpStatus::NO_CONTENT ); } + /** @noinspection PhpUnused */ + public function actionPingActivated( ) + { + Yii::$app->response->setStatusCode( HttpStatus::NO_CONTENT ); + } + + /** @noinspection PhpUnused */ + public function actionPingAuth( ) + { + Yii::$app->response->setStatusCode( HttpStatus::NO_CONTENT ); + } + /** @noinspection PhpUnused */ public function actionQrcode( ) { @@ -38,4 +50,16 @@ class PingController extends RestController } + protected function getOptionalActions() + { + // user must not be logged in to call this actions + return ['ping']; + } + + protected function getOptionalActivatedActions() + { + // user must not be activated to call this actions + return ['ping', 'pingActivated']; + } + } diff --git a/mobileapi/controllers/RestController.php b/mobileapi/controllers/RestController.php index 3416961..6ddb75a 100644 --- a/mobileapi/controllers/RestController.php +++ b/mobileapi/controllers/RestController.php @@ -6,6 +6,7 @@ namespace mobileapi\controllers; use common\models\Customer; use Exception; use Lcobucci\JWT\Token; +use mobileapi\components\ActivatedFilter; use sizeg\jwt\JwtHttpBearerAuth; use Yii; use yii\filters\auth\AuthMethod; @@ -22,6 +23,10 @@ class RestController extends Controller 'auth' => [$this, 'auth'], 'optional' => $this->getOptionalActions(), ]; + $behaviors['activatedChecker'] = [ + 'class' => ActivatedFilter::class, + 'optional' => $this->getOptionalActivatedActions() + ]; return $behaviors; } @@ -56,5 +61,13 @@ class RestController extends Controller return []; } + /** + * Make the activated filter optional for the actions listed here + * @return array + */ + protected function getOptionalActivatedActions(){ + return []; + } + }
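Review bot: actionPingActivated and actionPingAuth have identical bodies and only a `@noinspection` tag, so nothing at the definition says how they differ; the distinction lives entirely in the optional lists added further down this file (ping is meant to need neither check, pingActivated a valid login but no activation, pingAuth both). A one-line docblock on each, e.g. `/** Probe that requires a valid token but not an activated card. */` and `/** Probe that requires a valid token and an activated card. */`, would make the names readable — as written, "PingActivated" is the probe that does not require activation, which invites confusion.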
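Review bot: `'pingActivated'` in getOptionalActivatedActions will, as far as I can tell, never match: Yii derives the action id of `actionPingActivated` as `ping-activated`, and that id is what ActivatedFilter::isOptional compares against through StringHelper::matchWildcard, so the activation check stays mandatory for that probe — it fails closed, but it defeats the purpose of the action. Use the route form, `return ['ping', 'ping-activated'];`. A comment such as `// entries are kebab-case action ids (route form), not method names` above the list would keep the next entry from repeating the slip.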
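Review bot: The new `activatedChecker` entry depends on being attached after `authenticator`: ActivatedFilter reads `Yii::$app->user->getIdentity()`, which the authenticator is expected to resolve, and Yii attaches behaviors in the order of this array; nothing in the code records that, so a later reorder would leave the filter evaluating a null identity. Add `// must stay after 'authenticator': ActivatedFilter relies on the identity it resolves` above the assignment. The array also lacks the trailing comma the `authenticator` entry above it uses. behaviors() starts before this hunk.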
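Review bot: `protected function getOptionalActivatedActions(){` puts the brace on the signature line, unlike getOptionalActions directly above it and PSR-12, and `@return array` says less than what ActivatedFilter consumes. Suggest `@return string[] action ids exempt from the activation check`, the brace on its own line, and a return type `: array`; the overrides added in LoginController and PingController would then need the same return type to remain compatible.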