Q:How does GeeTest CAPTCHA identify and defend against malicious traffic?
A:The API and simulator cracking are the mainstream methods currently. The former directly initiates parameter requests to the API after the reverse frond-end protocol, it causes the cost and efficiency of cracking to be high. The latter initiates automated requests through the web-side simulator, which is low in cost and efficiency. For API cracking, GeeTest uses the front-end dynamic update mechanism to detect API requests that do not pass through the client container. For the simulator cracking, it detects the simulator feature identifiers to distinguish automated requests, and updates the visual model on the Q&A verification resources and adds workload. Computational proof mechanism to achieve defense against abnormally high-frequency requests.

Q:I am using CAPTCHA V3 but I want to upgrade to CAPTCHA V4, what should I do?
A:CAPTCHA V4 is the newest product of GeeTest. We have reconstructed verification architecture to improve stability and security capabilities. It is regarded as a new and independent set of verification products, so compatible parameters and APIs on the basis of CAPTCHA v3 are not supported. If you want to upgrade to CAPTCHA v4, please contact your account manager to activate CAPTCHA v4 and refer to the documentation to redeploy it. Since the architecture of CAPTCHA v4 has been optimized, it can be deployed in half a day.

Q:What is the difference between CAPTCHA v4 and CAPTCHA v3?

  • At the stability level, CAPTCHA V4 is fully upgraded in business, database architecture, maintenance and other aspects to ensure stability of disaster recovery. Since the architecture has been optimized, and stickiness between requests is removed, the service request will more stable than before.
  • At the user experience level, the request stickiness is lifted, so that the C-side and B-side are able to request the nearest nodes respectively, it will reduce the latency and increase the user experience extremely.
  • At the security defense level, CAPTCHA v4 uses more security technologies and rules for flexible configuration, also applies the newest POW (Proof of Work) technology to detect high-frequency malicious requests to protect your applications.

Q:Can I deploy many scenarios with one ID?
A:Yes. However, we suggest you use different ID in different scenarios. It will help you to analyse the data in every individual scenario effectively.

Q:Can you introduce the logic of intelligent mode? What kind of CAPTCHA types are recommended?
A:When you choose NoCAPTCHA CAPTCHA with other CAPTCHA types, GeeTest intelligent mode will present suitable CAPTCHA types based on each request’s risk level which is generated by its behavior characteristic, device network environment and so on. The challenge will be passed directly if there is no risk occurring in your business, otherwise your checked CAPTCHA type will be triggered by the risk. In some scenarios that are vulnerable to attacks and are used infrequently, such as login, registration, it is recommended to specify Icon CAPTCHA. In the high frequency scenarios, such as search, it is recommend to configure NoCAPTCHA CAPTCHA.

Q: Can you provide npm package?
A: We will not provide the official npm package currently. Firstly, npm package will involve many compatibility issues, which will reduce the stability of captcha. Secondly, if npm package is used, the security strategy update of captcha will not be synchronized in time. It will result in clients not being able to use the latest technology, which will reduce clients and users experience. In addition, we didn’t find our competitors (reCaptcha, hCaptcha, funCaptcha) providing the official npm package.

Q:Can I hide the success pop-up window in NoCAPTCHA CAPTCHA type?
A:Yes, please refer to the parameter “hideSuccess”.

Paramet Type Specification Default Value Optiinal Value
hideSuccess boolean Whether hide success pop-up window in bind mode, which is displayed by default. false true
- (GTCaptcha4Session *)captchaSession {
if (!_captchaSession) {
NSString *captchaID = @"32位验证ID";

NSMutableDictionary *additionalParameter = [@{} mutableCopy];
// whether hide the interface
// @(1) refers to hide
[additionalParameter setValue:@(1) forKey:@"hideSuccess"];

config.additionalParameter = additionalParameter;

_captchaSession = [GTCaptcha4Session sessionWithCaptchaID:captchaID configuration:config];
_captchaSession.delegate = self;

return _captchaSession;
HashMap<String, Object> hashMap = new HashMap<>();
hashMap.put("hideSuccess", true);
GTCaptcha4Config build = new GTCaptcha4Config.Builder()
Was this helpful?