by Jim Masters • Dec 6, 2022
Arkose Labs, a specialist in bot management and account security, has released Arkose MatchKey with the intent of creating challenges that are designed to meet cyber threats head-on, the company announced in a prepared statement.
Catching Threats Through Stronger CAPTCHA
A Completely Automated Public Turing test to tell Computers and Humans Apart, or CAPTCHA, is a type of challenge-response security authentication. A CAPTCHA helps protect users from spam and password decryption by asking them to complete a simple test to prove they human and not a computer trying to break into a password-protected account.
Traditional CAPTCHAs don’t work because bots get around them, but Arkose MatchKey “is the strongest CAPTCHA ever made,” Arkose Labs asserts. Arkose explained that fraudsters are getting creative, and chief information security officers need a diverse set of solutions to be able to detect and stop them. Thus, CAPTCHAs continue to prove effective especially when combined with a defense-in-depth approach, such as Arkose Detect.
As Ashish Jain, Arkose Labs’ chief technology officer, explained:
“Consumers find traditional CAPTCHAs frustrating and fraudsters have found ways to get around them. Add on to that fraudsters are scaling their attacks to take advantage of fluctuating economic conditions and you get a massive increase in account takeovers, automated credential stuffing, and fake account registrations. As a result, marketplace demand for a completely new approach to CAPTCHAs is at an all-time high. It’s exciting to be the first to answer the market’s needs.”
Arkose noted that the same MatchKey challenges that are quick and easy for good users are also designed to present adversaries with thousands of variations, raising the time, effort and expense they must invest in solving them. Thus, when the return on investment is negligible, adversaries move on to less protected targets.
Jain described Arkose MatchKey an intuitive challenge-response solution that thwarts attackers from accessing companies’ network systems. It does so by “applying strategic friction based on challenges that evolve through constant iteration.”
Describing the advantages of MatchKey, Jain said:
“Traditional CAPTCHAs’ human solvability-to-maintaining security ratio has been way out of kilter for far too long, which is why we embarked on an 18-month journey to innovate a new solution. Arkose MatchKey adds more arrows into CISOs’ quivers. Now, they can have strong defensibility against attackers while improving consumer usability.”
CAPTCHA Challenges in 109 Languages
Unlike traditional CAPTCHAs, Arkose MatchKey optimizes the user experience through a distinct gamified user interaction model that requires matching of a key image to the correct answer based on the instructions supplied, the company said. Arkose MatchKey challenges can be translated into 109 languages, which means enterprises can expect a universal solution sensitive to cultural differences.
Himanshu Bari, vice president of Product Management for Arkose Labs, noted how many bot management solutions are only able to tune the detection rules:
“Unlike other vendors, our automated systems plus our 24/7/365 SOC and threat research teams continuously tune Arkose MatchKey challenges’ configuration and images on top of the detection rule tuning to make the attackers go away for good.”