D
docholiday
Hi,
I have been researching this for quite some time now, but I cannot
seem to find any good articles or discussions about this topic -
perhaps I am only searching for the wrong terms.
My question is as follows: I want to prevent the user from using
automation in order to control an application I wrote. The application
consists of a couple of buttons and editfields. A user would enter
some data into those fields and then press a 'calculate' button to get
his result.
My company now wants this application (which is distributed to several
thousand clients) to forbid automation in any form. The reason for
that is kind of hard to explain, because of the nature of the product
(it is a financial application that can be used in combination with
other popular stock market software). Put simple, what I need to do is
a kind of "bot-protection".
Point is, however, that I cannot only detect how often the user clicks
the calculate-button, because it would make sense to do this only once
every few minutes, whereas a "manual user" might want to do it quite
more often. Just think of it as way to prevent a user to write an
application, that allows him to interact with the program without
being at the computer at the time.
Also the time needed to enter the data could be checked, but I could
imagine someone writing a solution that enters data in a way a human
would do it.
The third obvious way to prevent the user from automating my
application (captchas and the like) are sadly not an option either.
To make a long story short, is it possible to detect whether
informations about my controls (like their positions or the captions
of buttons (e.g. by means of GetWindowText et al)) are requested by
another process? How about detecting usage of methods like SendKeys or
the automated movement of the mouse? Or even shorter: is it possible
to detect, whether my application is automated by another process
without putting constraints on what a real user could do?
I would be very grateful for any informations regarding this topic,
sincerly,
Michael Donn
I have been researching this for quite some time now, but I cannot
seem to find any good articles or discussions about this topic -
perhaps I am only searching for the wrong terms.
My question is as follows: I want to prevent the user from using
automation in order to control an application I wrote. The application
consists of a couple of buttons and editfields. A user would enter
some data into those fields and then press a 'calculate' button to get
his result.
My company now wants this application (which is distributed to several
thousand clients) to forbid automation in any form. The reason for
that is kind of hard to explain, because of the nature of the product
(it is a financial application that can be used in combination with
other popular stock market software). Put simple, what I need to do is
a kind of "bot-protection".
Point is, however, that I cannot only detect how often the user clicks
the calculate-button, because it would make sense to do this only once
every few minutes, whereas a "manual user" might want to do it quite
more often. Just think of it as way to prevent a user to write an
application, that allows him to interact with the program without
being at the computer at the time.
Also the time needed to enter the data could be checked, but I could
imagine someone writing a solution that enters data in a way a human
would do it.
The third obvious way to prevent the user from automating my
application (captchas and the like) are sadly not an option either.
To make a long story short, is it possible to detect whether
informations about my controls (like their positions or the captions
of buttons (e.g. by means of GetWindowText et al)) are requested by
another process? How about detecting usage of methods like SendKeys or
the automated movement of the mouse? Or even shorter: is it possible
to detect, whether my application is automated by another process
without putting constraints on what a real user could do?
I would be very grateful for any informations regarding this topic,
sincerly,
Michael Donn