
CDN provider Cloudflare has introduced a user-friendly CAPTCHA alternative called Turnstile. The source code of the project is available on GitHub. You can try a test example of the system operation now.
Auxiliary protection against bots and DDoS attacks from Cloudflare works without user intervention. A person in the browser does not need to enter characters or choose between pictures. Instead, Turnstile makes a specific set of calls using JavaScript from the project’s API in the browser.
To use Turnstile, web developers need to register with Cloudflare. Access to the protection system is provided free of charge. The HTML snippet for activating protection looks like this:
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>..
The developers explained that the Turnstile algorithm using AI takes into account browser telemetry and user behavior in the system . This allows the verification to pass within a few seconds.
Cloudflare added that the company does not collect any data on this verification and does not store logs after the user passes the security system, and all requests within the verification are encrypted. The developers have integrated Turnstile with privacy tokens in iOS 16 and macOS 13. They claim that this system, which is still in beta, can provide a private and secure way to secure a website.
private companies access to the Yandex SmartCaptcha service for user verification, combating robots and DDoS attacks. The developers explained that more than 50% of users will only need to click “I’m not a robot” to pass the test. If you still have to enter characters, then in 85% of cases a person will recognize the text the first time, unlike bots. SmartCaptcha independently generates random phrases without using real pictures with text.