Arkose Labs launches Arkose MatchKey, a new suite of CAPTCHA challenges that revolutionizes both defensibility against attackers and usability for consumers

5 min Read

Innovative challenge platform solves issues and universal complaints associated with CAPTCHAs

San Mateo, Calif. (Dec. 6, 2022) – Arkose Labs™, the global leader in bot management and account security, announced today the release of Arkose MatchKey™, the first new major suite of challenges available on the market that creates a streamlined experience for consumers while being unbeatable by fraudsters. 

Fraudsters are getting creative, and CISOs need a diverse set of solutions to be able to detect and stop them. This reality was the underlying driver for the innovation behind Arkose MatchKey. CAPTCHAs continue to prove effective especially when combined with a defense-in-depth approach like the one offered by Arkose Detect

Arkose Labs CTO Ashish Jain said, “Consumers find traditional CAPTCHAs frustrating and fraudsters have found ways to get around them. Add on to that fraudsters are scaling their attacks to take advantage of fluctuating economic conditions and you get a massive increase in account takeovers, automated credential stuffing, and fake account registrations. As a result, marketplace demand for a completely new approach to CAPTCHAs is at an all-time high. It’s exciting to be the first to answer the market’s needs.”

The same Arkose MatchKey challenges that are quick and easy for good users are designed to present adversaries with thousands of variations, raising the time, effort, and expense they must invest in solving them. When the ROI is negligible, adversaries move on to less protected targets. 

Global enterprises today expect cybersecurity strategies to protect systems, as well as ensure consumer trust and influence profitable growth. But they haven’t been able to achieve that consistently by using traditional CAPTCHAs for these three reasons:

  1. Traditional CAPTCHAs are built to present the same level of friction to all site visitors, whether the visitor is a malicious bot, human fraud farm, or a good user. 
  2. Attackers are exceptionally proficient at defeating traditional CAPTCHAs using off-the-shelf ML techniques that are easily trained on the generic photos and images used by these CAPTCHAs. 
  3. Accessibility, cross platform and device responsiveness, and usability are barely an afterthought in the traditional CAPTCHAs, making them hard to implement universally across all regions and channels.

In comparison, Arkose MatchKey is an intuitive challenge-response solution that thwarts attackers from accessing companies’ network systems by applying strategic friction based on challenges that evolve through constant iteration. Already, early adopter reaction has been extremely positive. After deploying Arkose MatchKey, an identity product leader at a Fortune 100 company said, “Arkose Labs has fixed CAPTCHA [issues],” and attributed an 80% increase in good-user throughput to these innovations.

“Traditional CAPTCHAs’ human solvability-to-maintaining security ratio has been way out of kilter for far too long, which is why we embarked on an 18-month journey to innovate a new solution,” said Jain. “Arkose MatchKey adds more arrows into CISOs’ quivers. Now, they can have strong defensibility against attackers while improving consumer usability.”

Unlike traditional CAPTCHAs, Arkose MatchKey optimizes the user experience through a distinct gamified user interaction model that requires matching of a key image to the correct answer based on the instructions supplied. Arkose MatchKey challenges can be translated into 109 languages, which means enterprises are guaranteed a universal solution sensitive to cultural differences. The challenges are WCAG 2.1 compliant, making them fully customizable to support the most stringent accessibility standards, and are created to align with enterprises’ brand guidelines. Get the specific details about the patent-pending innovation behind Arkose MatchKey here.

It also amps enterprises’ defensiblity against adversaries. Machine learning algorithms rely on data and images that attackers must hand-label. Arkose MatchKey’s strongest challenges have the potential to result in a half-million individual images that an attacker would need to hand-label, taking more than 25,000 human hours.

“Many bot management solutions are only able to tune the detection rules,” said Himanshu Bari, vice president, product management Arkose Labs. “Unlike other vendors, our automated systems plus our 24/7/365 SOC and threat research teams continuously tune Arkose MatchKey challenges’ configuration and images on top of the detection rule tuning to make the attackers go away for good.”

“Enterprises need to review their cybersecurity strategies now to ensure they have state-of-the-art tools in place that strengthen the online experiences they’re creating for consumers,” Jain concluded.

Book a demo here to test drive Arkose MatchKey. 

Get the latest bot management and account security news and threat research. Follow Arkose Labs on LinkedIn.

About Arkose Labs

Arkose Labs’ mission is to create an online environment where all consumers are protected from malicious activity. Its AI-based platform combines powerful risk assessments with dynamic attack response that undermines the ROI behind attacks while improving good user throughput. The company offers the world’s first and only $1 million credential stuffing warranty. Headquartered in San Mateo, CA with offices in Brisbane and Sydney, Australia, San Jose, Costa Rica, and London, UK, the company ranked as the 106th fastest-growing company in North America on the 2022 Deloitte Fast500 list.


Jean Creech Avent

Global Head of Brand and Communications

Arkose Labs

[email protected]

+1 843-986-8229

Share Now