When your mobile app makes a REST call to your server/API, the data request is sent to ShieldSquare connector integrated at your Origin/Web server. In parallel, ShieldSquare SDK asynchronously collects data and sends to ShieldSquare bot engine for analysis. Data consists of device details (characteristics, orientation & acceleration) and behavioral details (events : buttons clicked, ads clicked, articles read/shared/liked, comments posted, screens viewed, purchases made, levels completed etc.,) based on your business logic from the interactions of the user with your Mobile App.
ShieldSquare connector sends the data to the ShieldSquare bot engine via ShieldSquare endpoint (deployed across the world using the global load balancer for minimal latency).
ShieldSquare bot engine analyses the data from the endpoint and responds with appropriate action to humans and bots.
Your origin/web server either sends the requested App data to the user or challenge with CAPTCHA or block the page based on the response from ShieldSquare. ShieldSquare SDK has the capability to render in-app CAPTCHA / Block page.
You have to be in 'Active mode' for receiving response codes for CAPTCHA/Block by configuring the responses for different categories of bad bots in 'Bot response page' in ShieldSquare admin portal. ShieldSquare recommends to handle empty data when the user solves the CAPTCHA.
If required, the Radware Bot Manager bot engine can also be configured to send response code (CAPTCHA / Block) directly to ShieldSquare SDK.
Integrate ShieldSquare SDK into your project
Configure the ShieldSquare SDK
Test and release your Application
1. Integrate Radware Bot Manager SDK into your project
a. Unzip the package ss2_ios_sdk_vx.x.x.zip which would contain below files.
b. Drag and drop ss2_ios_sdk_vx.x.x folder into your Xcode project. Ensure the 'Destination' is checked for 'Copy items if needed' and the appropriate destination group folder is selected.
c. Select the Project file and add ShieldSquare.framework under Embedded binaries.
d. Select your project from the project navigator and choose your deployment target.
e. Open the Build Phases tab and under 'Link Binary with Libraries', verify 'ShieldSquare.framework' is added.
ShieldSquare support team will provide unique customer ID for your account.
Ensure you can configure a required response 'CAPTCHA' or 'Block' from the Bot Response page in ShieldSquare Admin Dashboard for different types of bots.
You can ignore RECAPTCHA key and domain if you use text CAPTCHA.
b. Do the following modifications in appdelegate file
Include ShieldSquare header file
Incorporate below snippet in didFinishLaunchingWithOptions method above return true statement
ShieldEngine.setup(keyWindow: window!, verifyViewType:
ShieldEngine.setUserId(userId: "Visitor ID") // Set the User ID parameter of visitor
If you want to use Google reCAPTCHA, you have to replace 'sstextcaptcha' with 'ssrecaptcha' in the above method along with domain & key values in the info.plist. For now, we only support google Invisible reCAPTCHA and we recommend that you keep the difficulty level for reCAPTCHA as Medium.
Add a method in 'appdelegate class' to track bot events
Add below block of code whenever the Network call completed. This method requires “HTTPURLResponse” as a result object. Cookies headers will be retrieved by the framework using result objects will be provided by the client app. This is to add Cookie storing capability to your App ( if it doesn't have already) to help ShieldSquare to set four first-party cookies to identify patterns of the user interactions.
c. To collect custom events data, insert below analytics snippet whenever there is an event triggered in your app (Eg: App open, User signed in, Pages/screens viewed, the article read/liked/shared/commented, app version updated etc.,). ShieldSquare collects the events data in a batch process in fixed time intervals.