Additional security features: Device Fingerprinting and Anomaly Detection

In March, we announced CAPTCHA support for waiting rooms. Now, we're taking that out of beta, and introducing two new security features: device fingerprinting and anomaly detection. 

CAPTCHA

Earlier this year, we enabled Google reCAPTCHA as a beta feature for all Standard, Plus, Professional and Enterprise CrowdHandler plans. Now, this feature is out of beta and is fully available on Standard plans and above.

More: Read our original CAPTCHA feature announcement 

More: Read the Google reCAPTCHA integration user guide

New: Device Fingerprinting

This month, we’re introducing device fingerprinting.

When users join your waiting room, they are anonymous. To ensure we can identify them throughout their visit, we issue each user with a unique token, which is generated as they join the queue. 

However, because it is possible for a savvy user to identify and share tokens that they perceive to have a favourable position, we have introduced device fingerprinting as an additional security feature. 

Fingerprinting identifies a combination of attributes in each user's individual browser or device, creating a ‘fingerprint’. Then, if a user with a specific token polls the waiting room using a device that doesn’t match the original fingerprint, they are issued with a new token. 

In other words, if user A shares their token with user B, user B will be issued with a new token, and will join the end of the queue, as if they had not received the shared token.

More: Read the Device Fingerprinting user guide

Fingerprinting is now available on Standard plans and above.

New: Anomaly Detection

We’re also introducing a new feature, which will be running in beta for a while: Anomaly Detection. 

Why? Well, attacks on waiting rooms and drops come in different forms. As well as human users collaborating to game the queue, by generating lots of positions or sharing ‘good tokens’, sales and ticketing websites also need to protect against an ever-growing range of bots. 

These might include drop checkers (aka spinner bots) probing pages to try and get a head start as soon as the product drops; acquisition bots trying to reserve products and stop genuine users from accessing them; or expediting bots trying to make purchases, often using fraudulent cards... To name a few. 

But anomaly detection can help.

Anomaly detection works by looking at the User Journeys of users on your domain, both in the waiting room and on your site, and finding sessions with outlier patterns.

By analysing a number of factors about users, in real time, and comparing each journey against those made by the majority associated with a waiting room, CrowdHandler can give each user a risk rating of 0 to 100. 

You can then inspect and filter the suspect sessions and either delete their token, or block the associated IP addresses.

If, after careful inspection of the flagged sessions, you are confident we are correctly identifying suspect behaviour, you can set a risk threshold to auto-block IPs above a certain risk rating. 

More: Read the Anomaly Detection user guide 

Anomaly detection is now live as a beta feature on Professional plans and above. 

During this beta period we will continue to analyse live traffic, and we welcome any feedback about the usefulness of the feature.

Attracting the wrong kind of crowd? We’ll handle it

Don’t forget, all of these new security features are in addition to IP based firewall controls, which allow you to block ranges and prioritise ranges, and which are already available on Plus plans and above. 

Device fingerprinting and anomaly detection are the latest in a series of security features from CrowdHandler - a series to which we are constantly adding and improving, so watch this space.

Sign up