This is about to change though… Browser vendors like Brave and Opera have had a proxy or VPN solution included for a while in their software to help their users preserve their anonymity while browsing the Internet. With the latest version of iOS, Apple has joined the party with their iCloud Private Relay for Safari, which will funnel the user request through a proxy service and obfuscates its IP to the webserver. Although Safari doesn’t have the biggest market share when it comes to software to surf the web, this move definitely makes proxy usage more accessible and mainstream.
A request coming from a proxy has never been a strong indicator for us to clearly identify fraudulent activity and we typically rely on multiple signals in order to ascertain the suspicious nature of a request. However, the recent move from Apple means that the “proxy” signal will further lose its value. At the same time, we’ll also lose visibility on the actual location of the user (although Apple seems to indicate that we’ll still be able to get their approximate whereabouts). From the IP address, we can also typically infer theinfer from the ISP or company that owns the IP that information obviously will be obfuscated and show the iCloud private relay service. These sorts of changes in the Internet ecosystem to help improve user privacy are unfortunately common and they increasingly blur the line between legitimate and suspicious traffic and can have an unexpected consequence on user security and experience when using various websites.
So, my job as head of research at Arkose Labs, has gotten that much more complicated, and fun I suppose? We’re working hard to keep your users safe and secure with the highest accuracy. The good part though, At Arkose Labs we never block the traffic, even if we occasionally get it wrong, all your legitimate users will have to do is play a simple game to authenticate themselves and prove they are legitimate.
Share The Blog
