Hot new feature – Goodbye CAPTCHA! Hello Browser Integrity Check!

How would you imagine a world where annoying CAPTCHAs are not the first line when it comes to identification of botnets and human visitors? Here at BitNinja we thought big and made it come true.

Let us show you a security solution where the visitors with suspicious incidents in their past don’t have to type anything, moreover, they don’t have to click anywhere either.

It sounds too good to be true, isn’t it?

Some of our users (you know, big players who) run into this issue when their end-users – who would like to surf on sites – were afraid of filling CAPTCHAs. We couldn’t afford to keep them in this situation which required support time from them, so we came up with the idea to build in Browser Integrity Check (BIC) instead of using the reCAPTCHA alone.

To bring it closer to you, our CTO made a short video for you, where he shows how does this novelty work and who can benefit from it.

Who will meet this validation?

Connected to the IP Reputation module, the BIC will appear to those who are on our greylist and connected to BitNinja-protected servers via HTTP or HTTPS (in case of the HTTP Protection module is enabled).  After validation, the IP will be removed from our greylist and we won’t block the requests to the BitNininja protected servers.

Why is the BIC better than the CAPTCHA/reCAPTCHA?

Your visitors won’t have to fill or type anything, they just have to wait for 5 seconds while we ascertain by measuring some feedback information from the browser while we run some simple JavaScipt calculations in the background.

You don’t have to be afraid, it doesn’t have any bad influence on your system or the user experience, nevertheless, we will be convinced they’re not robots. 🙂

It will foster the automatic delisting, decrease the overall false-positive rate even more, while the security level stays the same but the CAPTCHA complaints will disappear.

Does this solution have any limitation or exceptions?

The BIC doesn’t have any limitation, but there is a special case when the reCAPTCHA appears instead of the BIC: 

when the servers have a local incident, for example, one captures by the LogAnalysis module. In this case, the protection of BIC is not enough, so the visitor has to fill the reCAPTCHA.

We have one more good news for you. You can personalize the BIC as well. You just have to modify your server’s BIC related /etc/bitninja/CaptchaHttp/www/browser_integrity_check.html file.

If you would like to add translation you have to copy the original one and add your country’s two-letter authentication ID.  For example, this is how the Hungarian translation looks like browser_integrity_check_hu.html.

We’ll release it with a new agent version tomorrow. The bulk update will be next week but you don’t need to wait until then. Be the first one who can get benefits from it. Feel free to update manually.