Client reputation scoring
Servers can use signals such as historic activity about an authenticated client to calculate the client’s reputation score, which estimates how likely it is to be malicious. This can determine which other mitigations to apply (e.g. cryptographic challenges) and how.
Client reputation scoring can complement IP-based reputation systems, used in reverse proxies like Akamai and Cloudflare, by considering signals about the client across devices and IP addresses.
The signals that can be used to calculate the score include:
- The age of the account.
- Usage patterns.
- Whether the client runs on a trusted app.
- Whether the client has passed any humanity verification test, if applicable.
Private State Tokens
Private State Tokens is a privacy-preserving protocol proposed by Google that allows users to demonstrate their trustworthiness on one website by sharing that they are trusted on another. As an experimental protocol designed to work in browsers and supported solely by Chrome, its applications may be limited for the time being.