Co-Win captcha gone, new fix against ‘booking bots’

PUNE: The Union health ministry has removed the captcha code option before bookings on Co-Win, a central government official told TOI on Friday.
The government has also limited the number of slot searches per user on the portal, which is likely to prevent bots or browser extensions from automatically — and continuously — searching for slots.

“Captcha was originally introduced to deter distributed denial-of-service (DDoS) attacks, but it was proving to be an inconvenience for those booking slots. With technology advancing, simple captchas can be tampered with and the introduction of more complex captchas would have proved inconvenient to users,” the official said.
He said additional security measures were now in place on the portal. “The number of searches for a slot has now been restricted to 15-20, after which the portal will log the user out. This would prevent bots from playing with our systems and carrying out multiple searches at any point in time,” he said.
In a recent report, TOI had highlighted how newly introduced browser extensions were being employed by coders to bypass the captcha feature on Co-Win, with claims that such programmes could automatically book appointments on the portal, including entering the code.
Founders of apps and websites that use Co-Win’s APIs to alert citizens about the availability of vaccination slots as soon as they open said the additional security measures, introduced on the night of June 3, seemed to help people book slots manually.
Ankita Garg, co-founder of Questrack, an app that sends vaccination availability alerts for more than 75 cities, including Mumbai and Pune, said, “The system will now automatically log a user out after 20 searches for slots on the website. The user will have to log in again to continue. The same rule is applicable to coders accessing APIs. After 20 calls from the same account, that user will be logged out.”
Garg said the rationale behind the move was to discourage bots, which can make nonstop calls to Co-Win APIs to fetch slot availability and book slots. She said slot availability has improved for the public.