GeeTest, the bot detection and mitigation provider, announces that it officially launched a new bot management solution called "3 Shields" to battle automated bot attacks in 2022.

The security vendor's solution is designed to detect and migrate bot attacks that target websites, apps, and APIs with machine learning algorithms that adapt to ever-changing bot attacks. GeeTest's 3 Shield solution includes 3 products that are developed from three key strengths of cybercriminals, which are simulating human behavior, faking devices, and forging legal identities. GeeTest claims that according to their 9-year bot fighting experience, those three concepts are fundamentals of most cyber-attack methods and attackers still keep generating new ways to attack based on those concepts.

"While companies worldwide have moved more of their business online, cyber attackers have also increased their use of bots to automate and expand their attacks." Fang Long, GeeTest VP explains, "When it comes to 'the battle against bots', most companies prepare inadequately. One of the main issues that enterprises face is not being able to identify bots accurately and smartly."

Bot attacks have been rising in the past two years. In 2021, over a quarter of internet traffic was bad bots which accounted for 25.6% of all traffic. That is a 6.2% increase over the previous year, following a 41% growth in bot attacks in the first half of the year.

And these are just the tip of an iceberg. Automated bots carry attacks like ATO, credential stuffing, and ticket scalping that has been nagging online businesses whether small or large for a long time. It would be less irritating if automated bot attacks only affected businesses financially. It turns out that bot attacks also negatively impact businesses, leading to brand reputation damage and customer loss.

That's why GeeTest upgraded the bot management solution to 3 Shields. They want to make 3 Shields not only a security solution but also a tool that can help companies purify their traffic and get real customers that can convert.

About 3 Shields

3 Shields is a bot management solution belonging to GeeTest, based on GeeTest's exclusive AI models and 9-year experience of in defending bad bots. Focusing on the research of cyber attackers and bot attacks, GeeTest provides 3 Shields as a comprehensive solution to protect websites, apps, and APIs from bot attacks.

The solution includes three products: Behavior verification, Device verification, and Identity verification.

Behavior verification

To retaliate against automated bots mimicking human behavior on websites, GeeTest found CAPTCHA still is a fast and effective tool despite some criticisms. GeeTest made a major upgrade to their flagship product GeeTest CAPTCHA. The new upgrade is called Adaptive CAPTCHA which is the 4th generation of GeeTest CAPTCHAs. It ensures both ease of use and security in every step of the online customer journey.

Key features

• Adaptive security strategies: 7-layer dynamic security strategy changes with the patterns that bots attack and transforms to 4374 security strategies per defense cycle, increasing 3.714 times the cost of cyber attackers.
• Fully customized protection: to suit every client's security demand, GeeTest Adaptive CAPTCHA allows clients to configure CAPTCHA challenge frequency, difficulty, and types for suspicious requests.
• Seamless integration: GeeTest Adaptive CAPTCHA offers three modes (Intelligent Mode, Invisible Mode, Direct Platform Integration) to make CAPTCHA service integrate with the client's own security system.
• Uninterrupted user experience: 6 CAPTCHA types include NoCAPTCHA CAPTCHA, Slide CAPTCHA, IconCrush CAPTCHA, Gobang CAPTCHA, Icon CAPTCHA, which suit various security demands without interrupting the user experience.

Try demo

Device verification

Cloud and group control platforms allow cybercriminals to use different devices for different attacks which helps them bypass device-based verification. Device fingerprinting or machine fingerprinting used to be an efficient way to identify users' devices by checking their IP, cookie, etc. However, with the help of cloud/group control platforms, the devices that attackers use can have unique information which is harder to detect.

GeeTest built a network on their device-based verification product. Instead of combining certain attributes of one device to identify it as a unique device, GeeTest took one more step, adopting the GCN algorithm to create a network of all devices they've detected, and in turn, to use the network to analyze new devices.

Key features

• Visualized device network: the network links suspicious interactions and accounts with devices and helps GeeTest system to predict the potential risk of the device and its related users and accounts.

• Multidimensional detection: apart from a specific configuration of a device, such as IP, cookies which are not unique thanks to the cloud/group control platform, GeeTest brings more dimensions into detection. For example, device motion data tells whether the device is in a position for a long time. If so, the device might be a cloud/group-controlled device.

• AI-based models: GeeTest models let clients label devices as trusted devices or suspicious ones, and learn from clients' decision-making process in order to detect more accurately in the future.

(GeeTest device-based verification product is soon available for clients worldwide after Beta testing is finished.)

Identity verification

Identity verification ensures that there is a real person behind an online interaction. As cyber attackers use stolen credential information to back up automated bot attacks like scalping, it is necessary to verify each user's identity as long as online business owners want high-quality traffic.

(GeeTest identity verification is soon available for clients worldwide after Beta testing is finished.)