New Capabilities Make Automated Attacks Increasingly Difficult and Expensive, Further Disrupting the Web Attack Lifecycle
SAN MATEO, Calif., January 27, 2022 — PerimeterX, the leading provider of solutions that detect and stop the abuse of identity and account information on the web, today announced advanced enhancements to its platform with the 2022 Winter Release. The new release supports a positive digital experience for people by decreasing the friction they experience on applications that leverage the platform while making it difficult and expensive for attackers using automated bots. This helps digital businesses build customer confidence and loyalty, reduce operational costs associated with unproductive bot traffic, and maintain compliance with the growing regulations on personal information and privacy.
“The new capabilities in our Winter Release are designed to expand protection of users’ account and identity information everywhere along their digital journey. By providing layered defense solutions that disrupt the web attack lifecycle, we’re enabling organizations to efficiently protect the apps that power our daily lives,” said Omri Iluz, CEO and co-founder of PerimeterX.
Supporting a positive digital experience for consumers
PerimeterX Human Challenge, the first user-friendly verification that protects web and mobile applications by presenting a visual challenge to help easily differentiate humans from bots, is now the default user verification option in the PerimeterX Platform. Human Challenge has strong anti-tampering mechanisms to detect and deter CAPTCHA-solving bots and CAPTCHA farms. This change makes online user verification less challenging and more human, helping businesses reduce abandonment rates and improve conversions. For digital businesses using Human challenge, PerimeterX found that solve times were 4 to 6 times faster than with reCAPTCHA and abandonment rates were 3 to 5 times lower, a winning combination.
To further improve human interaction, PerimeterX also announced the availability of Hype Sale Challenge. Used in conjunction with the PerimeterX Hype Sales Protection — a specialized offering that takes the sophisticated bot management of PerimeterX Bot Defender and pairs it with highly specialized rules to improve how customers experience limited-time, limited-inventory sales — Hype Sale Challenge is another innovation to make sure real people, not bots, get limited edition products like sneakers, gaming consoles, collectible cards and coins, fashion accessories and tickets for sporting and entertainment events. Served instead of CAPTCHA challenges, the Hype Sale Challenge is a user-friendly way of weeding out bot traffic and providing a fair chance for human buyers and loyal customers to get your products, while also enabling an e-commerce site to handle traffic surges.
Disrupting the attacker economy
Building on the recent announcement of PerimeterX Credential Intelligence, a solution that puts an end to the viability of credential stuffing attacks and builds a strong disincentive for future attacks on the site, the Winter Release now features scenario-optimized Proof of Work (PoW) capabilities. Similar to crypto mining, PoW requires computational effort to be expended on a site before allowing the completion of common tasks such as adding an item to a shopping cart or verifying a credit card number. Designed to consume a large amount of energy and compute cycles when attackers attempt to do a fraudulent task at scale, Proof of Work makes it expensive for an attacker to complete. Since it has a significant impact on the ROI of an attack, PoW builds a strong economic disincentive for future attacks on a site protected by PerimeterX.
Expanded support for hybrid web app development
In addition to these consumer oriented features, the winter release includes capabilities that make it faster and easier for web app developers to work in their organization’s hybrid environment. These include:
- New edge enforcers for Akamai and Fastly Compute@Edge, in addition to a new integration with Apigee API Management. This gives developers the freedom to choose their cloud infrastructure while enabling flexibility to include other best-of-breed web app components in their stack, reducing vendor lock-in and the need to rip and replace existing investments.
- Highly granular support for GraphQL, one of the most popular API protocols. This includes more complete protection and greater visibility into the API requests including analysis of the full request, taking into consideration the specific operation and schema which allows the application of operation-based policies.
- Improvements to both the web and mobile SDKs to dramatically shorten integration time by handling common but complex integrations “out of the box.” This includes enhancements to the web integration to automatically handle APIs within web applications without any code or application changes by your developers.
- Enhancements to the PerimeterX Mobile SDK, which now has the ability to identify most standard mobile libraries and connect to them directly within the mobile app. This makes it easy for developers to integrate PerimeterX into their solutions to handle blocks or challenges while minimizing the need to write custom code or modify their application.
- The SDK Doctor, added to the Mobile SDK to help simplify mobile integration and testing. It is a tool that simulates different user flows and actions in an app to help developers verify the mobile SDK integration and easily test different conditions and actions without the need for additional code or changes to the application.
To learn more about how your organization and your consumers and account holders can benefit from the PerimeterX Winter Release, contact us for a personalized demo.
PerimeterX is the leading provider of solutions that detect and stop the abuse of identity and account information on the web. Its cloud-native solutions detect risks to your web applications and proactively manage them, freeing you to focus on growth and innovation. The world’s largest and most reputable websites and mobile applications count on PerimeterX to safeguard their consumers’ digital experience while disrupting the lifecycle of web attacks. PerimeterX is headquartered in San Mateo, California, and at www.perimeterx.com.