If you run a website that allows visitors to comment, or where your clients have to set up user accounts, you need some kind of security in place to prevent abuse. Hackers can create robots that can enact malicious attacks on your site by posing as humans. Some of those attacks include making comments and registration requests. Because robots, or “bots,” can work much faster than humans, they could easily bog down your website with multiple attacks in a short time. For this reason, you need some kind of security that can distinguish between humans and machines, and protect your site from malicious attacks.
Types of Security
There are several ways to secure your site form robot attacks, from complex to simple:
CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It is a complex, but effective, way to differentiate humans from machines.
CAPTCHA uses graphic representations of letters, words, and symbols, which the users are required to type in. The idea is that a robot will not be able to recognize the letters and symbols in order to replicate them.
Recommended for You
Webcast: The Key Social Media Trends for 2015
Unfortunately, the problem with traditional CAPTCHA is that many humans can’t recognize them either. Some CAPTCHAs have an audio option for visually impaired users, but the audio can often be just as difficult to decipher.
In response to the issues with traditional CAPTCHAs, companies like Confident Technologies have spearheaded image-based CAPTCHAs, which use photo images instead of text graphics. The images are easier for most humans to recognize, but still difficult for a bot to manipulate.
The image-based CAPTCHAs could be presented as a single image or as a mini game where users have to solve a puzzle with the images.
Text, Email or Phone Verification
With text or email verification your site will end a text or an email, or place a phone call to anyone who tries to create an account, post a comment, or perform other actions on your site. The user then has to respond to the message, either by clicking on a verification link, pressing a button, or by returning to your site to enter a code.
The advantage to this type of verification is that it requires your users to enter specific information to proceed, which a robot might not be able to do. The disadvantage is that it requires your users to have their phones or email handy. In most cases this should not be an issue, especially considering the advances in smartphone technology, but there could be occasions where a phone or email might not be available.
The Honey Pot
A honey pot is a trap designed to lure the victim into doing something they shouldn’t. In terms of security for your site it means luring a robot to fill a field that it’s not supposed to, or to fill it incorrectly. The field usually contains instructions like “leave this field blank,” a robot won’t be able to read the field and will disqualify itself by entering data.
The issue with the honey pot is that sometimes users can also neglect to read the instructions and disqualify themselves.
Submission timing is simply the amount of time it takes to complete a task. Since robots generally complete tasks faster than humans, if there is too short of a time frame between tasks, especially similar tasks, the system reads it as a robot and displays a warning message. If the actions continue then the system blocks the user.
The advantage to submission timing is that it’s fairly simple and straightforward. The Ellipsis Human Presence technology utilizes these timing and measurement datapoints and along with their proprietary algorithms, a database of known human behavior and machine learning, they are able to accurately detect human site visitors and quarantine all traffic that does not meet this criteria.
Check boxes are one of the simplest ways to secure against robots. It is essentially a checkbox on the form that’s invisible to a machine, yet visible to the user. The user must check the box to proceed.
The advantage to the check box is that it is very simple and easy to implement. The disadvantage is that robots have progressed to the point where some can recognize the boxes.
Read more at http://www.business2community.com/tech-gadgets/types-website-security-01092313#MmEft7QREqJoMlip.99