What Image Verification module does
X-Cart's Image Verification module is a solution designed to prevent automated form submissions in your store. The problem of automated submissions is caused by spam robots (spambots) - software programs that impersonate human beings and imitate their online activities for various malicious purposes. In an X-Cart-based store not using Image Verification module, spambots are likely to attempt to take advantage of the following forms:
| ▪ | 'Profile details' form (customer registration page); |
| ▪ | 'Authentication' form (any pages from which existing customers can log in); |
| ▪ | 'Send to friend' form (product details page); |
| ▪ | 'Customer reviews' form (product details page); |
| ▪ | 'Contact us' form (one of the help pages available through X-Cart's 'Help' menu); |
| ▪ | 'Subscribe to newslists' form (news subscription page for anonymous customers); |
| ▪ | 'Survey forms' (any pages on which surveys can be completed/submitted). |
The damage induced by automated submissions of the above forms by spambots may vary from insignificant to serious, but, in the most general case, is likely to include automated registrations of customer accounts (up to thousands of accounts every minute), dictionary/brute force attacks aiming to defeat the store's password system by continuously submitting to it various words/combinations of characters making the server iterate through the entire space of passwords, sending spam messages to the email addresses of the store owner/company ('Contact us' form) and email addresses of other Internet users ('Send to friend' form), distortion of survey statistics and posting annoying messages as product reviews.
Image Verification module generates tests that allow X-Cart system to determine whether it is dealing with a human or with a program pretending to be human (a spambot). Tests are designed in such a way that they can be easily passed by most humans, but cannot be passed by current computer programs. A test is pretty simple: the user is required to type a sequence of characters (letters, digits or both) that is displayed to him or her as an obscured, distorted image on the screen:
While the disguised code cannot be read by a computer program, it is easily read by a human. As a result, only human beings are allowed to submit forms.
It should be said that, although most code strings can be read by humans without problems, as a result of image distortion, certain combinations of characters may be poorly legible. You should not worry about that, as there is a link 'Get a different code' displayed below each distorted image, which allows the user to choose a different image at any time he or she wishes to do so.
The module is rather flexible in that you can adjust the type of characters (letters, digits or both) and the length of string that may appear in images protecting the store forms. It is also possible to choose, which of the forms that can be protected by image verification should actually be protected (all the forms or just some of the forms).
Roles in Image Verification module management
If you are an X-Cart GOLD administrator/provider or an X-Cart PRO administrator:
| ▪ | You can enable/disable the module Image Verification and adjust its configuration settings (See Enabling and Configuring 'Image Verification'). |