Case Study - Web-Engine Sentry
A privacy-focused solution that helps secure sites from automated submissions. Featuring a simple API and a plugin for protecting WordPress sites.
- Client
- web-engine-cloud
- Year
- Service
- Plugin, Cloud, SaaS, Security
With the rise of “AI” and most mainstream solutions being either too complex for end users to use or ineffective, we decided to develop our own solution to the problem. This solution doesn’t help train models or mine your users’ data.
Our unobtrusive CAPTCHA is provided via an API, making it easy for anyone to integrate it with their application. We even provide a plugin for WordPress, so you can install it without coding.
Overview
Our solution is designed to provide a simple way to make it easy for humans and challenging for bots to access your site. The initial offering comprises a simple CAPTCHA image challenge and a more effective interactive challenge. We have plans to expand on this with an accessible alternative option available soon.
The API is very simple to install, requiring a simple script include, some markup where you want the challenge to appear, and a simple confirmation check on the server side. If you are a WordPress user, the plugin simplifies this substantially. Our aim is to enhance security by implementing a straightforward CAPTCHA mechanism, effectively filtering out non-human users attempting to access.
Is this foolproof?
With the advent of artificial intelligence, the effectiveness of Captchas is being challenged. While it is not feasible to guarantee complete protection against automated attacks, our goal is to make the process as challenging as possible while maintaining simplicity for users. The service is not limited to a single type of puzzle, and we employ additional metrics, such as the visitor’s location and solving speed, to further profile potential actors.
Privacy first
Our plugin prioritises user privacy. We will not utilise your visitors to train AI models or record any information beyond what is essential to verify the legitimacy of your users. Furthermore, we will not share any data collected during this process with third parties.
How does it work?
This plugin works by requesting a CAPTCHA to be generated by our cloud service. This CAPTCHA is delivered to your site with some encrypted data. When a user attempts to solve the CAPTCHA, the service uses this data to validate their response. The plugin then passes or fails the action, thereby protecting your site. We additionally check request headers, IP addresses, and some other traits to detect if the visitor is a person. Currently, a visual CAPTCHA is used; however, we are going to further develop the solution and are committed to finding innovative and simple ways to validate your visitors as being human or not.
The API means any form submission can be protected; the WordPress Plugin is configurable too and can be configured to protect: forms, comments, and logins.
Pricing
While we do provide a free version, which offers basic protection with simple image CAPTCHA, unlike the pay-for version - these can be solved in seconds using AI. If you want more comprehensive protection, then we also offer a pay-as-you-go enhanced version in which we make a tiny charge for each successful login or submission; we believe this is the fairest way to charge as it encourages us to deal with the issue in an efficient way. We do not charge to block spam!
New customers get free credits to try out the service and see if it fits their needs - you do not need to pay to try the enhanced service out.