Hot new feature - Goodbye CAPTCHA! Hello Browser Integrity Check!
Anita Batari

Hot new feature - Goodbye CAPTCHA! Hello Browser Integrity Check!

How would you imagine a world where annoying CAPTCHAs are not the first line when it comes to identification of botnets and human visitors? Here at BitNinja we thought big and made it come true.

Let us show you a security solution where the visitors with suspicious incidents in their past don't have to type anything, moreover, they don't have to click anywhere either.

It sounds too good to be true, isn't it?

Some of our users (you know, big players who) run into this issue when their end-users - who would like to surf on sites - were afraid of filling CAPTCHAs. We couldn't afford to keep them in this situation which required support time from them, so we came up with the idea to build in Browser Integrity Check (BIC) instead of using the reCAPTCHA alone.

To bring it closer to you, our CTO made a short video for you, where he shows how does this novelty work and who can benefit from it.

Who will meet this validation?

Connected to the IP Reputation module, the BIC will appear to those who are on our greylist and connected to BitNinja-protected servers via HTTP or HTTPS (in case of the HTTP Protection module is enabled).  After validation, the IP will be removed from our greylist and we won't block the requests to the BitNininja protected servers.

Why is the BIC better than the CAPTCHA/reCAPTCHA?

Your visitors won't have to fill or type anything, they just have to wait for 5 seconds while we ascertain by measuring some feedback information from the browser while we run some simple JavaScipt calculations in the background.

You don't have to be afraid, it doesn't have any bad influence on your system or the user experience, nevertheless, we will be convinced they're not robots. :)

It will foster the automatic delisting, decrease the overall false-positive rate even more, while the security level stays the same but the CAPTCHA complaints will disappear.

Does this solution have any limitation or exceptions?

The BIC doesn't have any limitation, but there is a special case when the reCAPTCHA appears instead of the BIC: 

when the servers have a local incident, for example, one captures by the LogAnalysis module. In this case, the protection of BIC is not enough, so the visitor has to fill the reCAPTCHA.

We have one more good news for you. You can personalize the BIC as well. You just have to modify your server's BIC related /etc/bitninja/CaptchaHttp/www/browser_integrity_check.html file.

If you would like to add translation you have to copy the original one and add your country's two-letter authentication ID.  For example, this is how the Hungarian translation looks like browser_integrity_check_hu.html.

We’ll release it with a new agent version tomorrow. The bulk update will be next week but you don’t need to wait until then. Be the first one who can get benefits from it. Feel free to update manually.

Share your ideas with us about this article

Previous posts

Castle Vs Airport Model in security
Apart from changing the way we live, this virtual connectivity has exposed us to an array of attacks. Cyber risks are a growing concern in virtually every aspect of our lives. The integration of technology into our everyday tasks has paved way for more efficient work performance yet left us vulnerable to many cyber-attacks.  To combat the situation, easy-to-use server security tool was introduced into the equation with BitNinja being one of the top contenders.  With more and more malicious programs and hackers trying to penetrate systems on a daily basis via the use of latest tech...
Useful facts in cybersecurity landscape
Today's post is a little eccentric. Thanks to the Crozdesk's  IT & Security we show you a really good infographic. You can check the past, the present and the future of the cybersecurity and the ITsecurity solutions. Which are the biggest fears? What are we expecting from a cybersecurity software? What kind of tools do you require to prevent attacks? You can find answers here: Which weapons are available in BitNinja? Malware Detection Web Application Firewall Intrusion Prevention System - with our greylist Denial of Service prevention...