GeeTest's 7-layer dynamic protection technology is a comprehensive security solution that utilizes multi-layered defense mechanisms to protect websites and applications from malicious attacks. It includes static resource protection, dynamic behavior analysis, risk assessment, environment detection, human-machine verification, scenario recognition, and anti-fraud strategies as layered protection measures. These technologies work together at different levels to identify and filter malicious behaviors, automated scripts, and bots through intelligent algorithms and big data analysis. They also evaluate user risk levels to ensure system security and a seamless user experience. GeeTest's 7-layer dynamic protection technology offers comprehensive security protection, helping websites and applications defend against various network attacks and fraudulent activities.

First Layer: Dynamic Update of Javascript Obfuscation

Why is Dynamic Update of Javascript Obfuscation needed?

Dynamic obfuscation updates in JavaScript (JS) is used to prevent the reverse decoding JavaScript (JS) files by the bad attackers. It refers to the process of restoring compressed, obfuscated, or encrypted code to a more readable form of source code. Reverse decoding can help understand the functionality, logic, and algorithms of the code, but it is also commonly exploited by malicious actors in the black market to gain illegal benefits.

What illegal benefits can JS reverse decoding bring by malicious actors?

  • Intellectual Property Theft: Illegal reverse decoding can be used to steal trade secrets, patented technologies, trademark designs, and replicate products, undermining market competition.

  • Malware development: Reverse decoding can assist in cracking, modifying, and redistributing malicious software such as viruses, Trojans, ransomware, etc. This behavior can cause harm to others' computer systems and data.

  • Hacking attacks: Reverse decoding can be used to understand and exploit vulnerabilities in software or systems for hacking attacks, such as website intrusion, theft of sensitive information, manipulation of data, etc.

  • Copyright protection circumvention: Reverse decoding can be used to circumvent copyright protection mechanisms for software or digital content, enabling illegal copying, distribution, or use.

GeeTest - Dynamic Update of Javascript Obfuscation

GeeTest employs the following measures to prevent black market actors from reverse decoding JavaScript (JS) files, ensuring secure and stable services for the customers:

Triggering mechanism: When users invoke the captcha, GeeTest loads captcha resource files, including JavaScript (JS) files, which are dynamically updated.

Core technology: GeeTest uses proprietary JS obfuscation technique to protect CAPTCHA. Each time a user invokes the JS file, it undergoes regular obfuscation updates, rendering previously completed reverse engineering scripts ineffective.

Update frequency: GeeTest updates the front-end JS files with obfuscation transformations on a daily basis. By frequently updating the code, GeeTest can promptly respond to new reverse decoding methods and attack techniques, ensuring the security of the CAPTCHA.

  As shown in the above picture, the JavaScript version and parameter codes have been updated on day 2.

Value: The regular obfuscation transformations of the front-end JS files render previously cracked reverse engineering scripts useless, significantly raising the cost and difficulty for black market actors to continue their reverse decoding efforts. These technical measures effectively prevent the misuse and malicious attacks on GeeTest's captcha.

Second Layer: Parameter Dynamic Update

Parameter dynamic updating refers to the process of periodically updating the parameters in a model or algorithm during the computation or optimization process based on different conditions or information. This approach helps the model adapt to continuously changing data or environments, thereby improving the performance and adaptability of the model.

Advantages of parameter dynamic updating include

  • Strong Adaptability: Parameter dynamic updating enables the model to adapt to continuously changing data and environments. By regularly updating the parameters, the model can flexibly adjust itself to accommodate new circumstances, thereby improving performance and accuracy.

  • Reduced Overfitting Risk: Overfitting occurs when a model excessively fits the training data, leading to poor generalization on new data. Parameter dynamic updating can help control the complexity of the model and reduce the risk of overfitting. By dynamically adjusting parameters, the model can better adapt to new data and avoid overfitting to the training data.

  • Enhanced Model Robustness: By dynamically updating parameters, the model can better adapt to noise, variations, and anomalies in the data. This helps improve the robustness of the model, enabling it to perform well in the presence of uncertainty and interference.

  • Increased Security: For security-related applications such as preventing black-market interface cracking, parameter dynamic updating can increase the cost for attackers. By regularly changing parameters, attackers need to continuously analyze and crack new parameters, increasing the difficulty and time cost of the attack.

GeeTest - Parameter Dynamic Update

  • Triggering mechanism: After the validation resources are loaded, JavaScript collects business data and transmits it back to the server. During this parameter transmission process, GeeTest performs parameter dynamic updating.

  • Core Technology: GeeTest utilizes self-developed techniques to achieve parameter dynamic updating. Each version of the JavaScript file contains different dynamic parameters. This means that the parameters used in the validation process are different every day, and black-market actors need to continuously crack the new parameters to bypass the verification.

  • Update Frequency: GeeTest performs parameter dynamic updating once a day.

  • Value: By regularly changing the dynamic parameters on the front end, GeeTest increases the cost of cracking black-market interfaces. Black-market actors need to constantly analyze and crack new parameters to bypass the verification, which increases their workload and time cost.

Third Layer: Global Risk Library Update

What is the purpose of updating the global risk library?

The purpose of updating the global risk library is to timely collect, analyze, and record various risks, threats, and vulnerabilities that appear online in order to effectively respond to and prevent potential security issues. The updating of the risk database serves the following purposes:

  • Risk perception and early warning: By continuously updating the risk database, new risks and threats can be quickly perceived, allowing for proactive preparation and timely measures to address potential security problems.

  • Vulnerability fixing and patching: Updating the risk database provides the latest vulnerability information and security patches, assisting software developers and vendors in fixing vulnerabilities in systems and applications to ensure their security.

  • Security policy updates: Updating the risk database helps security teams and organizations adjust and update security policies to respond to emerging threats and risks.

  • Malicious code detection and blocking: Updating the risk database assists security software and systems in timely identifying and intercepting the latest malicious code, viruses, and network attacks, enhancing network security defense capabilities.

GeeTest - Global Risk Library Update

  • Triggering mechanism: After collecting business data, GeeTest will make risk assessments based on the existing risk database.

  • Processing Methods: When a risk is detected, GeeTest can employ various processing methods such as intercepting requests, requesting further user identity verification, and sending alert notifications to relevant parties. The specific processing measures will be determined based on the actual situation and customer requirements.

  • Core Technology: GeeTest's Global Risk Database is built on a massive amount of data and algorithm models derived from GeeTest services. GeeTest currently serves 360,000 companies, processing approximately 1.9 billion verification requests daily. By continuously analyzing security risk intelligence across the entire network, GeeTest updates the risk database to provide more accurate risk assessment and protective measures.

  • Update Frequency: The Global Risk Database is updated once per day to maintain the ability to perceive the latest risks.

  • Value: The regular updates of the Global Risk Database enable GeeTest to promptly understand and adapt to the constantly evolving network risk environment. By increasing the cost of counterfeit resources used by malicious actors, GeeTest effectively reduces the risk of malicious attacks, thereby safeguarding the data security of enterprises and users. Additionally, GeeTest provides reliable risk assessment and protective measures to offer a secure and reliable online environment for businesses, ensuring smooth operation and a positive user experience.

Fourth Layer: Choose CAPTCHA Types

Benefits of Dynamic Form Variation in CAPTCHA with Multiple Types of Verification

  • Defense against various types of attacks: Utilizing dynamic form variation with multiple types of verification enhances the defense against different types of attacks.

  • Improved usability and user experience: By offering multiple CAPTCHA types, a CAPTCHA system can better adapt to individual user differences and needs. Customers can choose the verification types they find easiest to complete based on their user profile.

  • Resistance against evolving attack algorithms: Employing dynamic form variation with multiple types of verification strengthens the CAPTCHA system's resistance to evolving attack algorithms.

GeeTest - Various Types of CAPTCHA

  • Triggering mechanism: After completing the risk assessment, GeeTest displays different CAPTCHA types based on the user's risk profile. Currently, GeeTest offers 5 CAPTCHA types, and the system backend supports real-time configuration of these types, with configurations taking effect immediately.

  • Core Technology: CAPTCHA types that prioritize both security and user experience.

  • CAPTCHA types: Currently, there are 5 verification methods available for selection. Each form has its unique characteristics and advantages, such as NoCAPTCHA CAPTCHA, Slide CAPTCHA, IconCrush CAPTCHA, etc. These types verify the authenticity of user identity through various interactive approaches, ensuring both security and enhancing user experience.

Here is the demo for your reference

  • Value: The flexible switching between multiple CAPTCHA types increases the cost for illicit actors to crack them. This diversity not only improves system security but also effectively deters malicious activities. Illicit actors need to overcome different verification methods for their attempts, and the variation of these methods poses greater challenges and costs, increasing the difficulty of cracking. Therefore, the dynamic variation of verification methods effectively increases the cost of cracking for illicit actors, safeguarding the security of systems and users.

Fifth Layer: Level of Difficulty

Exploring the Positive Aspects of Difficulty Variation in Different CAPTCHA Types

  • Defense against automated attacks: Difficulty variation in verification forms effectively combats automated attacks. By randomizing or dynamically adjusting the difficulty, the verification system makes it challenging for attackers to develop generic scripts or algorithms to bypass the verification process, increasing the cost and difficulty of the attack.

  • Enhanced user experience: Moderate difficulty variation improves user engagement and experience. Verification that is too simple is prone to attacks, while overly complex verification may confuse or exhaust users. By incorporating moderate difficulty variation, the verification system ensures security while providing a friendlier and smoother user experience.

  • Increased diversity and privacy protection: Difficulty variation introduces different CAPTCHA types or difficulty levels, increasing diversity. Additionally, difficulty variation helps protect user privacy, as attackers find it challenging to extract sensitive information by analyzing the verification process.

GeeTest - Level of Difficulty

  • Triggering mechanism: GeeTest has implemented variations in both the CAPTCHA types and the difficulty level of verification. Additionally, multiple verification configurations can be specified within designated time periods.

  • Core Technology: The verification difficulty level and the number of verifications during specific time periods can be configured, as shown in the following screenshot.

  • Variation Dimension: There are three difficulty levels (Low, Medium, High) available for selection, and custom verification image sets can be provided to increase difficulty, business fit, and user satisfaction.

  • Value: CAPTCHA types are equipped with different difficulty levels, increasing the cost for illicit actors to crack the verification process. This multi-level variation in difficulty presents greater challenges and obstacles for illicit actors during the cracking process, thereby increasing the cost and risks associated with cracking. By adjusting the difficulty level of CAPTCHA types, GeeTest provides stronger security measures, effectively reducing the risk of malicious attacks and safeguarding the security of systems and users.

Sixth Layer: Behavioral Algorithm Models

The advantages of behavior algorithm model updates

The advantages of behavior algorithm model updates are the ability to continuously adapt to new behavior patterns and threat forms, enhancing the system's accuracy, anti-fraud capabilities, and security. By regularly updating the model, it is possible to promptly capture new user behavior patterns and malicious activities and accurately identify and prevent them. The updated model can better adapt to the constantly changing user behavior, reducing the risks of false positives and false negatives, thereby improving the security and reliability of the system. Furthermore, model updates can leverage new algorithms and technologies to enhance the performance and efficiency of the model, enabling the system to perform human-machine discrimination and risk assessment more quickly and accurately, thus improving user experience and protection capabilities. In summary, behavior algorithm model updates can maintain the competitiveness and adaptability of the system, providing stronger security protection and user protection capabilities.

GeeTest - updates behavioral algorithm models

  • Triggering mechanism: After completing the verification interaction, GeeTest regularly extracts samples of anomalous behavior from across the web based on behavioral trajectories and updates the model through training.

  Behavior trajectory discrimination model: The user's real-time behavior trajectory data is captured, and through GeeTest's internal algorithmic decision engine, it identifies abnormal interactions such as JavaScript cracking, simulator cracking, CAPTCHA farms, etc., to achieve real-time blocking of machine simulation behavior.

  • Core Technology: GCN (Graph Convolutional Network) model. It is mainly used to enhance GeeTest's human-machine discrimination capabilities. GeeTest has a large amount of behavioral data, including sequential data of user operations, associated data of IP and devices, etc. These data cover users from almost all industries, and there are explicit or implicit correlations between the data. With the help of GCN, the research and development team can integrate and model this massive data for better pattern recognition.

GeeTest has invested a significant amount of time in testing and research. Through exploration and contemplation in actual business scenarios, it has found that GCN's flexibility is suitable for integrating scattered data information and learning complex correlations.

The picture below illustrates how the behavior trajectory discrimination model identifies abnormal human-machine interaction trajectories and then utilizes GCN to integrate scattered data information, model their complex correlations, and achieve better pattern recognition results.

During GeeTest's testing and training, the unsupervised results formed an abnormal cluster distribution. The independent bright blocks represent the abnormal patterns discovered by GCN. The specific manifestations are shown as follows:

  • Update Frequency: The model is updated once a day.

  • Value: By updating the behavioral algorithm model, GeeTest enhances its ability to recognize and identify anomalous behavior and behavioral trajectories, significantly increasing the cost of simulating human-like behavior for illicit activities. These updates enable better detection and defense against malicious activities, combating the simulation of human behavior by illicit actors, and improving system security and user data protection. Through continuous updates and optimization of the behavioral algorithm model, GeeTest effectively reduces the success rate of illicit actors' simulations of human trajectories, thereby safeguarding systems and users from potential threats.

Seventh Layer: Parameter Encryption

The Significance of Diversifying Parameter Encryption Algorithms

  • Data Protection: The variation of parameter encryption algorithms effectively protects sensitive user data. Even if hackers can steal encrypted data, they can not easily decrypt it due to the changing encryption algorithm.

  • Increased Crack Cost: Different encryption algorithms require different cracking methods and time costs for black-market actors. By flexibly changing the parameter encryption algorithm, it can pose more challenges and difficulties for black-market actors attempting to crack the system, thus increasing the cost of cracking and reducing the risk of system breach.

  • Enhanced System Security: The variation of parameter encryption algorithms provides a dynamic defense mechanism that can adapt to evolving cybersecurity threats.

GeeTest - Variation in Parameter Encryption Algorithms

  • Triggering mechanism:After the completion of verification interaction, GeeTest encrypts the security data of the interaction verification in the verify request. GeeTest has the capability to dynamically change the encryption algorithm.

  • Core Technology: GeeTest employs multiple encryption methods.

  • Types of Encryption: GeeTest offers two types of encryption methods. The specific encryption method can be selected based on actual needs. These two encryption methods enhance the system's security and protect user data.

  AES+RSA encryption

AES+RSA encryption is that it combines the strengths of symmetric and asymmetric encryption. The AES symmetric encryption algorithm ensures efficient data encryption and decryption, ensuring both speed and security in data transmission. The RSA asymmetric encryption algorithm is used to securely exchange and protect the AES key, ensuring key confidentiality and identity authentication. This combined encryption approach provides strong data protection while addressing the challenge of secure key exchange. It is suitable for secure communication, data transmission, and encrypted storage in various scenarios.

  SM4+SM2 encryption

SM4+SM2 encryption lies in the adoption of Chinese national cryptographic algorithms. SM4 is a symmetric encryption algorithm that demonstrates excellent efficiency and security in data encryption and decryption, providing reliable protection for sensitive information. On the other hand, SM2 is an asymmetric encryption algorithm that offers secure key exchange and digital signature functionality, ensuring data confidentiality, integrity, and identity authentication. The combination of SM4 and SM2 encryption provides a comprehensive and dependable data security solution, suitable for various applications such as secure communication, digital identity management, and e-commerce transactions.

  • Value: By flexibly changing the parameter encryption algorithm, GeeTest can increase the cost of black-hat hackers attempting to crack the interface. Different encryption methods pose greater challenges to black-hat hackers, thereby increasing the difficulty and cost of their attempts to break encryption. This flexible variation in encryption algorithms can effectively reduce the success rate of attackers' attempts to crack the interface, enhance the security of the system, and protect user data from potential threats.

GeeTest's 7-layer dynamic protection security strategy is capable of effectively countering attacks from malicious actors. Through continuous research and optimization of existing defense models and security strategies at the technical level, GeeTest is able to address evolving challenges in network security. Our commitment is to provide customers with higher levels of security, increase the cost of cracking malicious actors, protect user data, and minimize user friction to the greatest extent possible.

Start your free trial
Over 320,000 websites and mobile apps worldwide are protected by GeeTest captcha

WenChao Hu

Product Manager @ GeeTest