botScore
botScore
(number
): A number ranging from 1 to 5, indicating the risk that the browser is being controlled by a bot or similar automated software.
Most legitimate browsers will score 1 or 2, indicating little risk. Most bots will score 4 or 5, indicating a concrete risk of automation backed by hard signals. Browsers that score 3 are ambiguous: no definitive automation signals, but an elevated (not conclusive) risk. Typical cases include legacy browsers/OS versions and other heuristic red flags.
Score Description
- 5 (Bot): High confidence; strongly suggests automation.
- 4 (Bot): Medium confidence; environment suggests automation.
- 3 (Human): Low confidence; environment is ambiguous.
- 2 (Human): Medium confidence; likely human.
- 1 (Human): High confidence; user is probably a human.
Usage Recommendations
All Applications
- Delayed Execution: Execute
opjs()
after user interaction (e.g., button click) for better bot detection results. - Data Privacy: Ensure compliance with applicable privacy laws when collecting and storing fingerprint data.
- Server-Side Verification: Use JWT Signatures to verify data with OverpoweredJS servers to prevent forgery.
- Logging: Keep detailed logs of blocked attempts for further analysis and to help fine-tune the detection criteria over time.
Low-Risk Applications
- Blocking Criteria: Block users with a
botScore
of 5. - Rationale: This conservative approach minimizes the risk of falsely blocking legitimate users—even if the browser environment is otherwise rather suspicious.