Fraud prevention solution with Google reCAPTCHA [Beta]
Beta
Please note that it is a Beta feature.
Important
If you decide to use Google reCAPTCHA, you need to update the respective endpoints on all platforms where you use them (web, apps).
The respective endpoints are: Register and/or Payment with Adeyn, Payment with PayPal Express Checkout, Purchase without payment details - depending on what you want to secure (registration and/or purchase processes) and for which processes you activated Google reCAPTCHA in the Cleeng Dashboard).
Introduction
In the current digital landscape, websites face an increasing vulnerability to spam and abuse attempts. This poses a significant challenge for online platforms seeking to maintain the integrity of their user base and protect against malicious activities.
One of the key methods employed to address this issue is the implementation of CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). CAPTCHA is a security feature designed to distinguish between human users and automated bots. By presenting users with a challenge during the registration process, CAPTCHA helps verify the authenticity of the individual creating the account. This verification step serves as a barrier against automated account creation and ensures that only genuine users are able to register on the platform.
The primary function of CAPTCHA is to enhance the security of online systems by preventing spam accounts and unauthorized access. By requiring users to complete a task that is easy for humans but difficult for bots, CAPTCHA reduces the risk of fraudulent activities and helps maintain the quality of user interactions on websites.
Recommended Solution
One of the protection technologies is Google reCAPTCHA - a security service from Google that helps protect websites from spam and abuse.
Google reCAPTCHA is a recommended solution to be used by broadcasters who are using Cleeng authentication and Cleeng MediaStore API directly.
By adding reCAPTCHA to your MediaStore API integrations you will be able to secure the registration and/or purchase processes.
Note
Currently, Google reCAPTCHA works only with direct MediaStore API integrations.
The following sections provide suggestions and guidance on the implementation of this fraud protection solution.
Integration Guide
Follow the steps below to integrate Google reCAPTCHA with your Cleeng integration:
- Configure Google reCaptcha in Google
- Integrate your application with Google reCAPTCHA
- Adjust MediaStore API integration - add
captchaValue
param - Configure Google reCAPTCHA in Cleeng Dashboard
1. Configure Google reCAPTCHA in Google
Follow the Google reCAPTCHA integrations guide and generate site key and secret key.
-
Create Google Account and go to the Google reCAPTCHA admin page.
-
Register a new page on https://www.google.com/recaptcha/admin/create.
-
Add a label (name of your service, site).
-
Select challenge reCAPTCHA type:
-
Choose Invisible reCAPTCHA badge if you want to make a minimal effort on the customer (challenge will be called only if needed - captcha will suspect that the user is suspicious)
-
Choose “I’m not robot“ Checkbox if you want to show checkbox to the user every time captcha is needed.
-
-
Add your domain.
-
You can now copy your keys (site key, secret key).
2. Integrate your application with Google reCAPTCHA
Implement the Google reCAPTCHA on your client application (use the site key to generate reCAPTCHA value).
The selection depends on you, here are suggested options:
- You can follow Google documentation
- You can use one of the existing npm libraries for quick integration. For example https://www.npmjs.com/package/react-google-recaptcha in case of using React.
3. Adjust MediaStore API integration - add captchaValue
param
captchaValue
paramPass the Google reCAPTCHA value to selected endpoints as the captchaValue
body param.
Decide which step in the user journey you want to secure (registration and/or purchase) and add captchaValue
parameter to the body request of respective endpoints:
- VERIFY CAPTCHA ON REGISTER - this one will secure the Register endpoint
- VERIFY CAPTCHA ON PURCHASE - this one will secure the purchase endpoints:
- Payment with Adyen endpoint - used for payments with card, Apple Pay, Google Pay via Adyen
- Payment with PayPal Express Checkout endpoint
- Purchase without payment details endpoint
Important
If Google reCaptcha is activated in the Cleeng Dashboard, and
captchaValue
is not present in the body request, such a request will be rejected.
4. Configure Google reCAPTCHA in Cleeng Dashboard
Add Google reCAPTCHA secret key as the secret and select when you want to validate your captchaValue
.
-
Go to the Cleeng Dashboard -> Admin -> Integration Hub page and select Google reCAPTCHA.
-
After selecting Google reCAPTCHA you will be taken to the configuration screen.
-
Paste the Google reCAPTCHA secret key in the Secret field.
-
Decide which step in the user journey you want to secure (registration and/or purchase) and turn the respective buttons to On.
Note
Default values may be updated by the external system. If you want a value to remain unchanged, manually enter the value instead of relying on the default.
If you change a default value and want to go back to the original, you can easily do so by selecting the Revert to default button.
-
Click the Save button to save the settings.
-
Connect the Google reCAPTCHA integration when you are ready by clicking the Connect Google reCAPTCHA button.
Updated about 2 months ago