Repository Reference in line with the Berne Convention Copyright Treaty and  US Copyright Office Submission.
This submission includes annotated excerpts of the codebase for Caftcha, as deployed on November 1, 2024, on the pilot client domain xpat.to. These excerpts demonstrate the core functionalities of the software, including:
  1. Session management and secure server-to-server communication.
  2. Client-independent biometric authentication, including frontend and backend processing.
  3. Implementation of multi-factor authentication workflows.
The repository containing these annotated excerpts is hosted on a private GitHub repository:
Repository Name: caftcha-usc
Repository URL: caftcha-usc
Version Tag: v1.11.24-usc
The repository is protected under copyright and contains:
    • Caftcha_Client_Code_Excerpts_Annotated.txt: Annotated excerpts of the client-side code.
    • Caftcha_Server_Code_Excerpts_Annotated.txt: Annotated excerpts of the server-side code.
Access to this repository is restricted to maintain the confidentiality and integrity of the codebase.

 

Public Archive Reference
The informational text, titled “Copyright-de facto, de iure- Q.E.D,” has been published on the official Caftcha website on 14.11.2024 .
To ensure an immutable public record of the work, it has been archived via the Wayback Machine.
Original URL: [https://caftcha.com/?page_id=62]
Archived URL: [https://web.archive.org/web/20241114135431/https://caftcha.com/?page_id=62]
 

Mission and statement of principles

CaFtcha-Total Data Protection.

Technology serving-not subserviating- humanity, because the internet is not a free data farm.

Embracing the ethical AI credo, our # ZeroTrust at your fingertips # mission is to reshape internet security by providing innovative solutions that protect websites, cloud drives and any internet resources from, amongst many: data scraping, unauthorized access and web crawling, and any other form of resource exploitation, ensuring that only human-authorized traffic gains entry.

The uniqueness of our innovation mainly consists in:
1. Our servers act as gateway, load-balancer, external authenticator and single source of truth
2. biometrics are processed multiple times, out of which: externally on our servers frontend via initial, full traffic redirect from client, then again in our servers backend, when we return only human-authorized traffic to the client’s server backend and then again upstream to its frontend.
3. Only healthy traffic is returned to client domains, on a temporary basis, with mandatory biometrics reauthentication to prevent session fatigue, amongst quite a few more security features.
That’s what Turing intended and today, CAFTCHA , dactylocaptcha and fingercaptcha are the best proof of personhood or humanness.

 

 

Caftcha (Completely Automated FINGERPRINT Test to Tell Computers and Humans Apartbuilds on the success of its flagship product, CAFTCHA.com, an innovative system that authenticates traffic externally and returns secure, human-authorized browsing sessions.

Caftcha suite

Caftcha is a comprehensive security framework that ensures end-to-end traffic protection for websites, all internet resources and corporate data.

Our product suite includes:

– Caftcha.com:
live since 01.11.2024 on client pilot website: www.xpat.to
  • A groundbreaking solution that authenticates traffic through external, biometric verification with server-side processing and facilitates anonymous, 60 seconds, temporary browsing client local sessions.
  • The uniqueness of this is that the entire process is validated on our servers, offloading the unauthorized traffic from the client, maintaining an independent source of truth, gateway and load-balancer. Only healthy, human-initiated traffic is returned to client.

In development

– Fingercaptcha.com, a customized CAFTCHA for websites, offering:
  • Device-based, time-limited, alias-based (or validated-ID) registered sessions
  • Browser and session restrictions with IP geolocation.
  • Support for up to 5 concurrent sessions per authenticated device-user pair.
  • Designed to scale effortlessly with website traffic, this product secures access without compromising user privacy or experience.

 

– Dactylocaptcha.com, a hardware-software solution for enterprises:
  • A multi-user biometric scanner (virtual keyboard display, 5ghz BlueTooth capable, 3meters usbB/C/lightning hardwired) embedded with CAFTCHA software for plug-and-play integration with corporate systems such as Microsoft Active Directory and Cisco ISE.
  • Tailored for secure access to company resources like Microsoft OneDrive, SharePoint, and ServiceNow.
 
How Caftcha Works
Step 1: External Authentication
-All traffic to the client website (e.g., xpat.to) is redirected to a client-dedicated subdomain on our servers (e.g. xpatto.caftcha.com) for biometric frontend authentication.
-Only human-authorized, controlled and monitored traffic is returned to the client’s domain for 60-second, anonymous sessions.
Step 2: Traffic Control
-Caftcha’s multilayered server- to- server front and backend:
  • Acts as a load balancer, gateway, and single source of truth.
  • Replacing with an entire server infrastructure external devices like hardware ring tokens/security keys-NFC or USB enbled-, authenticator apps and similar.
  • Filters out bots, data scrapers, and unauthorized web crawlers.
  • Returning, authenticated human traffic, can run safely within the session limits, ensuring data integrity and a seamless user experience.
  • Reauthentication at session end restarts the entire process, involving the human factor to prevent session fatigue
Step 3: Scalability and Security
  • For devices without fingerprint scan capability, external backend encryption and server-side processing is applied to the device’s PIN or passphrase. The enterprise grade hardware fingerprint scanner solution is available where affordable.
  • SEO crawlers like Googlebot and Bingbot are granted controlled access for indexing purposes.
 
Why does Caftcha Stand Out

 

1. Innovation:
Caftcha uses encrypted mathematical representations of biometrics as keys for MFA, combining advanced security with a user friendly experience. Our innovative frontend cross domain MFA approach prevents data scraping, bot accounts, and any other malicious traffic. The uniqueness is that biometrics are processed multiple times, externally on our servers frontend via initial redirect from client, then again in the backend, when we return only authorized traffic to the client and further processing upstream to the client domain frontend.
2. Proven Technology-Real World Applications:
Currently at Technology Readiness Level 9 (TRL 9), Caftcha has been successfully deployed on the 1st of Nov 2024 at XPAT.TO as a live pilot.
3. Economic Impact:
Priced at $100/year, Caftcha is more than affordable to the existing over 400 million websites, making advanced security accessible at scale.

 

The Future of Human Internet Security

Caftcha is more than a product-it’s a paradigm shift introducing the human factor at the forefront of online security.

By protecting websites from data harvesting and unauthorized traffic, we preserve the integrity of your creativity, innovation, and intellectual property.

Scroll to Top