Secure your web with GEETEST CAPTCHA service
CAPTCHA technology confirms that a real person is accessing both web & mobile application content to block spammers and bots. The idea came to protect automated bots. Automatically sign up with a script, submit forms several times; this is a common hassle that the captcha technology can handle. Captcha blocks automated systems with its own algorithm. There are so many patterns of captchas. Maybe we all have seen the conventional CAPTCHAs. Here comes GeeTest with a different idea.
Application of CAPTCHA protection?
- Confirming voting accuracy
- Prevent Login or Register unlimited try
- Prevent ticket inflation
- False form submission
- Random search protection
- Prevent false order
- Prevent Scraping
- Detect real users and automated users
Some facts about Bot Traffic
- 25% malicious traffic
- 80% of businesses lost revenue to bad bots
- $500k businesses lost revenue to bad bots
The Conventional CAPTCHAs
Conventional captchas have some common methods that the intelligent bots can pass with their algorithm. Some conventional captchas are
- Object detection
- Text detection
- Mathematical operations
This kind of CAPTCHAs is not that hard to pass with an automated script/bot also kind of irritating for the users.
Why GeeTest CAPTCHA?
The enterprises now confront clever hackers, and the traditional Captchas’s performance in protecting platforms from abusive traffic is getting worse. GeeTest’s Trinity Protection machine learning models keep fighting against bots and self-adjusting to combat constantly evolving internet threats.
From a long-term industrial experience, they know about the intelligence of bot and prepared their service with higher security. Here are some key points
- Anti-brute force
How does it work?
The GeeTest CAPTCHA identifies humans from bots based on the data generated as users interact with the CAPTCHA.
Detect Bot Features
When a visitor clicks on the CAPTCHA button, the CAPTCHA will automatically collect and analyze more than 100 parameters, including the network environment data, device attributes, biometric data, etc.
Challenge the Threats
Based on the bot detection tests done on these data, the GeeTest security engine evaluates the risk level of the visitor. More data will be collected through a challenge-response to verify the identity of the bot feature has been detected.
Learn and Evolve
As new malicious attack patterns are identified throughout the 290,000 GeeTest protected domains, the machine learning models behind the GeeTest Risk Analysis Engine evolve to pinpoint and block all angles of attack in real-time.
GeeTest’s CAPTCHAs to defense bot attacks
Currently, there are four different types of GeeTest CAPTCHA. All of those are unique than the conventional CAPTCHAS. GeeTest offers four differents with different user experiences and security levels.
- Intelligent mode
- Slide CAPTCHA
- Icon CAPTCHA
- Space CAPTCHA
Here is a detail of all of them.
In this mode, ONLY high-risk visitors will be provided with CAPTCHA challenge. The system will automatically decide to let the user pass the test, pop out Slide or Icon CAPTCHA challenge based on the detected risk.
This one is not that secure. GeeTest itself rated it 2 out of 5 for its security strength. For user experience, 5 out of 5.
When the user drags the slider, the mouse tracks, device attributes, and some other data will be collected and analyzed in real-time.
This one is much secure than the previous one. GeeTest itself rated it 3out of 5 for its security strength. For user experience, 4 out of 5.
The neural network has been applied to switch image styles rapidly. The mouse tracks, device attributes, and some other data will be collected and analyzed to differentiate humans from bots.
GeeTest itself rated it 3 out of 5 for its security strength. For user experience, 4 out of 5.
The diversity of solid figures and complex questions could significantly reduce the recognition risk with computer vision.
This one is much secure than all others. GeeTest itself rated it 5 out of 5 for its security strength. For user experience 1out of 5.
Steps to integrate captcha
Step 1. Get your captcha ID and KEY
If you don’t have a GeeTest account, please firstly get your GeeTest account.
If you already have a GeeTest account, please sign in and enter GeeTest captcha dashboard. Click +New captcha to add a new captcha. Then, you will get a set of unique captcha ID and KEY. You can modify the security setting in the dashboard.
The following is an example of captcha ID and KEY.
Step 2. Integrate server SDK
What to check:
API2 could be accessed successfully. If you call
API2, it will return
fail. Please replace the URLs with the URLs that you assign to
API2 (see the example below). If error reports when you call the API2 and read the
session, please comment out the
The client SDK supports Web, iOS, and Android. You can find the detailed explanation and example in Client Integration.
What to check:
API1could be successfully accessed. If the
API1could return the
challenge, captcha was successfully initialized.
- Whether the captcha challenge could pop out.
- Whether the captcha could be interacted with. After you have passed the verification, it will prompt verification succeeded.
- If you call the API2, it will return 3 variables
- After you call the
API2, you can find in the browser console or through package capture that the request has been sent successfully.
Step 4. Check the
This step aims to check if the
API2 can correctly verify whether the captcha has been passed.
What to check:
- The Server successfully receives API2 request from the Client and get three variables, including
- After the Server calls the method in the SDK, it returns data to the Client, which can correctly indicate whether the verification is successful.
- The Client successfully receives the returned result of API2 and executes the corresponding process according to the returned result.
Step 5. Fallback mode simulation
Failback mode is an emergency solution for downtime. GeeTest’s captcha is designed to provide a stable and secure service. In some unavoidable cases or force majeure, Failback mode could be used to ensure normal operation in downtime.
The available status of GeeTest cloud server (
gt_server_status) is stored in the
API1 and can be returned to the client with
success. The client could use
success to decide whether to perform the Failback mode. The
API2 can get
session and decide to get the secondary verification result from the local or GeeTest cloud server.
How to simulate the Failback mode?
Please fill in an incorrect string (e.g. 123456789) for the captcha ID. Then, it will enter the Failback mode.
What to check:
- Check if the verification process is correct in Fallback mode.
More about integration here: https://docs.geetest.com/captcha/overview/guide#Steps-to-integrate-captcha
GeeTest integration is much easier also has some unique features than others. One more thing is Geetest is Serving 290,000+ enterprises worldwide, Processing 1,000,000,000+ requests daily. That means their service is obviously better; otherwise, these giant companies will not use their service. You can have a try. Thank you.
Have a great day!