Frequently Asked Questions
Find answers to common questions about ECURTIY.
General
What is ECURTIY?
ECURTIY (ee-KUR-tee) is a modern, privacy-focused human verification system. It uses Proof of Work, behavioral analysis, and browser fingerprinting to verify humans without frustrating image puzzles like traditional CAPTCHAs.
How does ECURTIY work?
When a user interacts with the widget, their browser solves a computational challenge (Proof of Work) while we analyze behavioral patterns. All signals feed into a risk score. If the score is low enough, verification succeeds and a token is generated for your server to validate.
What's the difference between ECURTIY and reCAPTCHA/Turnstile?
Unlike traditional CAPTCHAs, ECURTIY never shows image puzzles. Our Proof of Work approach is invisible to users—they just click a checkbox or drag a slider. We're also privacy-focused: fingerprints are hashed client-side and we never collect personal information.
Pricing & Plans
Is there a free plan?
Yes! The free plan includes 1,000 verifications per month, 1 site, and full API access. It's perfect for side projects, testing, and small websites.
What happens if I exceed my monthly limit?
Verifications will continue to work, but new challenges will return an error until your limit resets at the start of the next billing cycle. We recommend upgrading before you reach your limit.
Can I upgrade or downgrade at any time?
Yes, you can change your plan at any time from the billing dashboard. Upgrades take effect immediately, and downgrades apply at the start of your next billing cycle.
Do you offer annual billing?
Yes! Annual billing is available at a 20% discount. Contact sales for enterprise annual agreements.
Is there an enterprise plan?
Yes, the Enterprise plan offers unlimited verifications, dedicated support, custom SLAs, and additional features. Contact our sales team for pricing.
Technical
How long does verification take?
Typically 1-2 seconds for most users. The Proof of Work difficulty can be adjusted. 'Easy' takes ~0.5s, 'Medium' ~2s, 'Hard' ~8s. We recommend Medium for most use cases.
Does ECURTIY work on mobile?
Yes! The widget is fully responsive and works on mobile devices. Touch interactions are supported for slider mode.
What browsers are supported?
ECURTIY works in all modern browsers: Chrome, Firefox, Safari, Edge, and their mobile versions. We use Web Workers for PoW computation, which is widely supported.
How do I handle verification failures?
Implement the errorCallback to handle failures gracefully. Common causes include: network issues, expired challenges (5 min TTL), or high risk scores. Show users a clear message and let them retry.
Can I use ECURTIY with React/Vue/Angular?
Yes! The widget can be integrated with any frontend framework. See our Widget Guide for React examples. The key is to load the script and call ecurtiy.render() after your component mounts.
What's the difference between site key and secret key?
The site key (eck_live_...) is public and used in your frontend code. The secret key (ecs_live_...) is private and should only be used server-side for token validation. Never expose your secret key.
How do I test in development?
The widget works on localhost by default during development. For automated testing, you can use test mode which bypasses verification (contact support for test keys).
Security
Is ECURTIY secure against bots?
Yes. Our multi-layer approach (PoW + behavioral + fingerprinting) makes automated attacks expensive and detectable. While no system is 100% bot-proof, ECURTIY significantly raises the cost for attackers.
What data do you collect?
For end users: hashed fingerprint, IP (for rate limiting), user agent, and behavioral signals. We don't collect personal information. Fingerprints are hashed client-side before transmission.
How is my secret key protected?
Secret keys are stored encrypted and never transmitted to client browsers. Always use environment variables for storage. If compromised, regenerate immediately from your dashboard.
Can attackers bypass the verification?
Sophisticated attackers can attempt to solve PoW challenges, but it's computationally expensive at scale. Combined with behavioral analysis and fingerprinting, the cost of attack exceeds the value for most targets.
Is ECURTIY GDPR compliant?
Yes. We minimize data collection, hash fingerprints client-side, and follow strict data protection practices. See our Privacy Policy for details on GDPR compliance.
Troubleshooting
Widget not appearing
Check: 1) The container div exists, 2) Site key is correct, 3) Script loaded without errors. Open browser console for detailed errors.
Verification always fails
Common causes: 1) Site is inactive in dashboard, 2) Monthly quota exceeded, 3) Domain mismatch, 4) Clock skew (challenges expire after 5 min). Check your dashboard for verification logs.
Token validation returns 'token_used' error
Tokens can only be validated once. If you're seeing this error, your application might be calling /api/validate multiple times. Ensure validation happens once per form submission.
High failure rate in analytics
Review verification logs for patterns. High risk scores might indicate: bot traffic (good!), aggressive ad blockers, or VPN users. Consider adjusting difficulty or implementing additional verification for edge cases.
Widget is slow on my site
Ensure the script loads async/defer. PoW computation runs in a Web Worker, so it shouldn't block your main thread. If still slow, try reducing difficulty to 'Easy' for lower-risk forms.
Still have questions?
We're here to help. Reach out to our team.