Reduce form 'spam' using reCAPTCHA

Reduce form ‘spam’ using reCAPTCHA

One of the biggest headaches involved with using online forms is the enormous amount of unwanted ‘spam’ that comes in. In extreme cases, some forms are practically unusable because genuine reactions are far outnumbered by spam-generated reactions. There are a number of solutions to this problem, however no single solution is water tight. GX Software now offers Google reCAPTCHA, a ready to use, out-of-the-box solution that provides the best spam filtering currently available that is renowned worldwide as the market standard.

How does reCAPTCHA work?

How reCAPTCHA works is pretty simple. You add one extra element in an existing form. This element displays the reCAPTCHA interface. The visitor fills in the form as usual, however there is one extra step: they have to select the checkbox “I’m not a robot”:

 

Example of a reCAPTCHA form element

Most of the time, selecting the field is sufficient for submitting the form.

 

Sometimes, however, the visitor has to answer an extra security question with a visual component. For example:

 

This dialog box displays one time. The visitor is deemed to not be a robot if they correctly select the images that adhere to the theme.

How do you add a reCAPTCHA?

Adding a reCAPTCHA element to a form works the same as adding any other element. In the Interactive Forms interface, you drag the reCAPTCHA element to the desired position within a form. Confirm by saving the form and the element is active.

 

Adding a reCAPTCHA element to an interactive form

In order to make the reCAPTCHA functionality available in an XperienCentral installation, you have to perform a one-time configuration. The steps required to do so are described in the following sections.

One-time Configuration

The one-time configuration of Google reCAPTCHA involves three steps:

• Register domain(s) with Google
• Install the XperienCentral reCAPTCHA plugin
• Setup Tool configuration

 

> Register domain(s) with Google:

You need a Google Gmail account for this. Navigate to the URL https://www.google.com/recaptcha/intro/. After logging in, click on “Get reCAPTCHA”. Hereafter you must register the domain(s) where the reCAPTCHA will be active:

 

Next, the reCAPTCHA information for the correct domain(s) will be shown. The two important settings are ‘Site key’ and ‘Secret key’:

The values for these two settings have to be defined in the XperienCentral Setup Tool.

Under “Advanced Settings” you define how strict the reCAPTCHA is:

It is recommended that you select “Easiest for users”. If you later find that you are receiving a lot of spam, you can adjust this setting accordingly.

 

> Installing the XperienCentral reCAPTCHA plugin:

Contact GX Customer Services to request the reCAPTCHA plugin. You add the plugin to XperienCentral using the “Plugins” panel in the XperienCentral Workspace:

 

> Setup Tool configuration:

In the XperienCentral Setup Tool the ‘wmsgooglerecaptcha’ category has been added. Here you must define the secret key and site key that you received from Google:

 

With these three easy steps, the Google reCAPTCHA is now installed and configured.

Technical background

The strength of the Google reCAPTCHA is the automatic distinction between “regular” visitors and automatic spambots (robots). The algorithm behind the technology is a closely-guarded secret at Google. It is most likely the case that the algorithm determines humans from robots based on the behavioral data that is retrievable from the browser.

This means that a newly installed, clean browser makes it harder to spot robots, however most real visitors are easily distinguishable from spambots. Once in a while a regular visitor has to satisfy an security extra step by answering a security question. This extra security question consists of a simple visual test like the one shown below:

You can find more background information at: https://www.google.com/recaptcha/intro/