Cloudflare
has announced the open beta of Turnstile, an invisible alternative to CAPTCHAs that anyone can use on their website by calling a simple API. It hopes that Turnstile will allow you to get onto websites quicker and in a less frustrating way than solving a CAPTCHA puzzle or entering a bunch of letters and numbers.
Instead of the user having to interact with a simple puzzle, the Turnstile system uses non-intrusive challenges based on telemetry and client behaviour during a session. Cloudflare said that as Turnstile challenges become less effective, they will be rotated out for new ones, keeping malicious actors at bay. Explaining how it works in a bit more detail, Cloudflare said:
“With Turnstile, we adapt the actual challenge outcome to the individual visitor/browser. First we run a series of small non-interactive JavaScript challenges gathering more signals about the visitor/browser environment. Those challenges include proof-of-work, proof-of-space, probing for web APIs, and various other challenges for detecting browser-quirks and human behavior. As a result, we can fine-tune the difficulty of the challenge to the specific request.
Turnstile also includes machine learning models that detect common features of end visitors who were able to pass a challenge before. The computational hardness of those initial challenges may vary by visitor, but is targeted to run fast.”
www.neowin.net
