Improve spam prevention #4223
Comments
|
I'll be exploring the different CAPTCHA options with the hope of finding one that fits our needs. I'll record this adventure in this CAPTCHA Google Doc. |
|
Currently: working on a proof of concept for Hcaptcha. Proposal should be up by this week. Once we determine the approach, we'll create a card to iron out acceptance criteria for implementation. |
|
Book time with product on the recommendation, to iron out costing, etc. |
|
hCAPTCHA picture puzzle flow hCAPTCHA accessibility flow |
|
Next steps:
|
|
To do:
|
|
Pete meeting with TurnStyle and FriendlyCaptcha this week |
|
Email to SSC regarding CAPTCHA procurement sent |
|
Follow-up emails sent, will reach out at the director level if there is no response in another week. |
Threat level to protect against
Spam prevention level 2: We can stop a malicious actor who is writing a custom script to spam a single (or multiple) GC Form(s).
ITSG-33 controls: SC-5, SI-10
User stories
As a program administrator processing form responses
I need to focus my time on legitimate responses
So that I can decrease the processing time of requests
As someone using assistive technology like, Voiceover, JAWS, or Dragon Naturally Speaking
I need to be able to verify that I am not a robot or a malicious actor
So that I can submit the form
As someone with low technical proficiency who doesn't know much about bots or spam
I need to understand what I am being asked to do and why
So that I can successfully and confidently verify that I’m a human and submit my form
The text was updated successfully, but these errors were encountered: