Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events

Score based Google reCAPTCHA in an Adaptive Form

Avatar

Employee

10/17/23

Score based Google reCAPTCHA in an Adaptive Form  

by Navneet Agarwal 

navneeta_1-1697524479504.png

An adaptive form integrated with reCAPTCHA Enterprise can revolutionize a form experience. By incorporating reCAPTCHA at the form level, you can validate user interactions and detect potential bot activity. You can also filter out or send the suspected submissions for manual validation.

For example, for a bank a loan application form serves as the gateway for users to apply for their desired loan. The bank can use an adaptive form integrated with reCAPTCHA Enterprise to filter out the form submissions that return a value less than the threshold limit.

In this blog post, we'll delve into a loan application form that helps users apply for various types of loans, such as vehicle loans, home loans, or personal loans. Along with providing information on best practices and information on how to configure reCAPTCHA Enterprise for such an Adaptive form, the post would also provide insights for form authors, workflow authors, and end users to understand their respective roles in this process.

Form Author: Create a Loan Application Form

A loan application form serves as the gateway for users to apply for their desired loan. It is designed to be adaptable, ensuring a smooth user experience while capturing essential information required for loan processing. Along with capturing the basic information and documents required to apply for the loan, the application form also captures the annual income, loan amount, and employment type of the user.

 

Form Author: Add Google reCAPTCHA Enterprise to the form 

By following a few simple steps, a form authors can configure reCAPTCHA Enterprise for the loan application form. The form author also sets a threshold limit.

ReCAPTCHA Enterprise uses advanced risk analysis techniques to distinguish between humans and bots. ReCAPTCHA Enterprise. ReCAPTCHA Enterprise returns a score in the range of 0 to 1 for every request made to it. The score 1.0 indicates that the interaction poses low risk and is very likely legitimate, whereas 0.0 indicates that the interaction poses high risk and might be fraudulent. While creating the reCAPTCHA Configuration in AEM, you can select a threshold score. Any request which has the score greater than equal to threshold will be forwarded for the relevant submit action configured with your form. Any request that has score less than the threshold will be stopped at the client side and a non-alarming alert will be shown to the end-user so that they do not suspect that the captcha has identified them as a bot. This non-alarming message can be configured in the captcha component of AF.

AEM Forms is integrated with both type of reCAPTCHA Keys, i.e. Score-based key and checkbox key , you can choose any of the keys based on the requirement. The detailed differences in both the keys can be read at
https://cloud.google.com/recaptcha-enterprise/docs/choose-key-type#differences-keys
For the purpose of this blog we will be using the score-based key.


Google recommends to keep 0.5 as the threshold in the starting which can be adjusted later on, depending upon the submissions. If the user wants to use this score to take a decision for the forms, then it will be available in the form submission data. The samples for the same are available at : https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/forms/adaptive-form...


In the starting to avoid any false positives to be labelled as bots we will make use of workflow, to manually review the submissions having scores greater than 0.5 and less than 0.8.

  • If the reCAPTCHA score less than 0.5, the loan application is not submitted and a non-alarming message is displayed to the applicant.
  • If the reCAPTCHA greater than 0.5, the loan application, along with the Google reCAPTCHA score, is submitted to an AEM workflow.

According to the loan applications being reviewed by the validator we can further calibrate the threshold and this manual review step process to avoid false positives can be avoided.

Workflow Author: Create an AEM Workflow

Based on the reCAPTCHA score, the workflow would determine the path for further processing. Here is a summary of the workflow steps:

  • When the reCAPTCHA score is greater than or equal to 0.5 and is less than 0.8, the loan application is sent to a validator for review. The validator would carefully examine the data and determine whether it is correct or not. If the validator deems the submitted data to be correct, they would send the form to the bank manager for final approval.
  • When the reCAPTCHA score is greater than or equal to 0.8, the application is directly assigned loan manager for approval/rejection.
  • If the bank manager approves the loan, a document of record is generated and the agreement is sent for signature to the loan applicant.
  • If the manager, rejects the loan then a email for rejection is sent.

This workflow allows for automated processing of loan applications with high reCAPTCHA scores, while forms with lower scores undergo manual validation to ensure data accuracy.

 

End-User Perspective: Filling the loan application form

As an end user, filling out the loan application form is a breeze. The adaptive form dynamically adjusts to display relevant fields based on the loan type selected. This ensures that users only provide necessary information, reducing form complexity. Furthermore, reCAPTCHA Enterprise based screening or validation is opaque to user. They don’t have to fill any CAPTCHA to submit the form. The form is submitted to a back-end workflow and based on the score, the application is send for approval or user can be contacted by a manual validator to validate the authenticity of the user.


Bank Manager Perspective: Reviewing the Loan Application

 

Summary 

This integration of an adaptive form with reCAPTCHA Enterprise significantly improves the a form application submission experience. It offers a secure and user-friendly experience for applicants while minimizing the risk of fraudulent submissions. Ready, to embrace the power of adaptive forms and reCAPTCHA Enterprise to transform your loan application process into a seamless and secure experience, get started with configuring Google reCAPTCHA Enterprise for your environment.

 

Q&A

Please use this thread to ask questions relating to this article