I'm researching best practices and toolkits used in design of safe authentication user flows that safeguard against bot, video recording, DOS, and spam attacks.
I noticed Binance uses a slider puzzle, and then MFA with a unique code sent to mobile and email. I've seen Google ReCaptcha, BotDetect, KeyCaptcah are solutions within this domain.
What is the toolkit used for the slider puzzle on Binance? What other options are there? How does this technology work? How would you calculate the value of this technology compared to the cost of such attacks on a website?
What would be some of the factors (e.g. WACG, analytics, automation, price) you would use to guide selection and integration? We would be looking at an Okta integration for OAuth2 authentication in this case.
Thanks for sharing your thoughts!
I can't answer most of your questions, but Binance's Slider is provided by GeeTest.