Skip to main content

botScore

botScore (number): A number ranging from 1 to 5, indicating the likelihood that the browser is being controlled by a bot or similar automated software.

Important: Only the last two major versions of Chromium, Firefox, and Safari are guaranteed to be supported. Browsers that are five or more major versions out of date are likely to be flagged as bots, as bots often do not update automatically like human-operated browsers. Additionally, users with uncommon or atypical browsers may also be flagged as suspicious.

Score Description

  • 5 (Bot): High confidence; strongly suggests automation.
  • 4 (Bot): Medium confidence; environment suggests automation.
  • 3 (Human): Ambiguous result; does not inherently suggest automation.
  • 2 (Human): Medium confidence; likely human.
  • 1 (Human): High confidence that the user is a human.

Usage Recommendations

  • Low-Risk Applications: Consider blocking users with a botScore of 5.
  • Moderate-Risk Applications: Consider blocking users with a botScore of 4 or 5.
  • High-Risk Applications: Consider blocking users with a botScore of 3 or higher. Note that a score of 3 is ambiguous and may be resolved by refreshing the page and calling the API again.

Important: Blocking users with a botScore of 1 or 2 is strongly discouraged, as these scores generally indicate legitimate human users.

Inconclusive Result Recommendations

If a browser is scored as a 3, it means that something odd about the browser was detected that sometimes indicates automation. Refreshing the page and calling the API again may resolve an inconclusive result.

Note: Browsers in incognito mode or a similar private browsing mode will be scored with a botScore of 3. This is due to the fact that many bots operate in incognito mode.

Best Practices

  • Delayed Execution: Execute opjs() after user interaction (e.g., button click) for better bot detection results.
  • Data Privacy: Ensure compliance with applicable privacy laws when collecting and storing fingerprint data.
  • Server-Side Verification: Use the authToken to verify data with OverpoweredJS servers to prevent forgery.