GKTinc Enterprise

GuardianKey GKTinc Enterprise is a system designed to deter mass automated attacks. It applies cryptographic challenges that must be solved by the legitimate user’s browser, making it unfeasible for bots and scripts that consume system resources.

GKTinc requires the browser to solve a lightweight cryptographic challenge for each data submission to the web system (such as login or form submissions).
This challenge runs in JavaScript directly in the browser, without requiring any additional action from the user. The challenge response is then sent along with the normal data (e.g., username and password).

This creates a computational cost for attackers, making automated attacks such as brute force or credential stuffing much harder — while remaining fully transparent to legitimate users.

Unlike other approaches, GKTinc relies solely on cryptographic challenges, without using external intelligence databases that could expose or compromise user privacy. With every data submission, the protected web application sends hidden fields containing elements such as a unique session identifier, timestamp, a cryptographic salt, and factors tied to the username. These parameters ensure that each challenge is unique and cannot be reused, even if an attacker attempts to manipulate or tamper with variables.

The data solved by the browser is sent along with the form and validated by GKTinc, which confirms the challenge before allowing the application to proceed with normal processes, such as authentication or data handling. All of this happens transparently, requiring no extra interaction, preserving the user experience while silently and effectively blocking automated attacks.