CyberSiARA
Accessibility

Ensuring seamless access for all users while maintaining security

If you are an accessibility user,

Summary

CyberSiARA is designed to stop bots by distinguishing them from people. Visual tests are a convenient tool for this, but not everyone can solve a visual challenge.

For this reason we have designed a simple, painless alternative to let publishers using our service preserve accessibility for all with full Section 508 and WCAG 2.1 AA compliance.

How it works: first, an accessibility user signs up via the accessibility signup page, which is prominently linked in the CyberSiARA widget info page. They are given an encrypted cookie that can be used several times per day, but must be refreshed every 24 hours via login.

When a challenge is presented to an accessibility user on any site using the CyberSiARA service, they will automatically pass.

Accessibility option in widget UI menu

FAQ

Answers :We believe so: all users with any form of impairment who are able to browse the web and enter text on forms can access services protected by CyberSiARA upon registration. However, this is not legal advice: you should perform your own evaluation, taking into consideration your particular implementation to ensure this is the case for your deployment.
Answers :Previously popular options like audio captchas discriminate against many a11y users and are easily defeated by modern machine learning techniques. This has forced current audio challenges to become more and more difficult, introducing noise, odd timing, unusual word combinations, and so on to defeat attackers. We are thus less enthusiastic about this approach vs. avoiding the challenge altogether, but will consider it if there is demand from the a11y community.

However, we are very interested in Privacy Pass for the Accessibility use case. We believe combining our current a11y approach with Privacy Pass issuance will allow a11y users to browse safely, secure in the knowledge that their traffic is more private, while restricting the abuse by bot operators that inevitably occurs when a11y options are available. We are active participants in the IETF working group standardizing this new technology.
Answers :CyberSiARA is designed for privacy from the ground up. It is very different than traditional options like reCAPTCHA that are owned by ad networks, who have an incentive to track you around the web and associate you with a real identity.

We never use accessibility emails or info for any purpose other than facilitating a11y use and preventing abuse. Our privacy policy has comprehensive and authoritative answers as to how we use data, but the short answer is we have no interest in associating you as a person with your browsing history.

We are also currently working on a cryptographic solution to rapidly discard your email address while still preserving our ability to prevent abuse, complementing our Privacy Pass work.

For Accessibility Users: Q&A and Troubleshooting Guide

Answers :This is typically due to using an aggressive ad blocker or anti-cookie extension, or a setting that blocks "cross-site" cookies, in this case a cookie for CyberSiARA.com that is set or checked by the CyberSiARA JS on a different site, like the one you are visiting.

CyberSiARA accessibility cookies work with all popular browsers and ad blockers with their standard settings, so typically failures are due to "anti-anti-adblock" scripts or similar rulesets targeting particular sites.
  1. Whitelist cybersiara.com and *.cybersiara.com cookies in your ad blocker or browser security extension.
  2. If you are using the Brave browser, which does not (as of April 2020) appear to have any kind of cookie whitelist, go to Preferences -> Shields -> Cookies and choose "Allow All Cookies."
  3. If you are using the very latest version of Safari on either the recently released OS X 10.15 or iOS 13.4, Apple has just changed the behavior of Safari related to third-party cookies, blocking all of them by default. We are implementing a solution, but in the meantime please visit Safari Preferences, Privacy section, and uncheck "Website tracking: Prevent cross-site tracking" to enable the accessibility cookie to function as expected.
Answers :No. Please click the same email login link sent to you on each device you use in order to set the cookie.
Answers :Using any privacy or ad-blocking extension that supports domain-level whitelisting (e.g. uBlock Origin) will work as expected: just make sure to whitelist CyberSiARA.com.

Browser Instructions for Cross-Site Cookies

To enable cookies in Safari (Mac): Go to the Safari drop-down menu. Select Preferences. Click Privacy in the top panel. Under 'Block cookies' select the option 'Never.'

To enable cookies in Safari (iPhone/iPad iOS 11+): Open your Settings. Scroll down and select Safari. Under Privacy & Security, turn off "Prevent Cross-Site Tracking" and "Block All Cookies"
Click on the shield to the left of the address bar on any webpage. Click on Protection Settings. The Firefox Preferences Privacy & Security panel will open. Under Enhanced Tracking Protection, select Custom. Choose which trackers and scripts to block by selecting those checkboxes. Make sure you have unblocked CyberSiARA.com.

You can also temporarily turn off some protections in Custom to debug this, by deselecting the checkboxes: Deselect the Trackers checkbox or deselect the Cookies checkbox if you are still having issues.
Google Chrome (PC)
Select the Chrome menu icon. Select Settings.
Go to Privacy and Security, then Cookies and other site data.
Make sure "Block third-party cookies" is not enabled.

Google Chrome (Mac):
Open Chrome preferences from the menu bar.
Go to Privacy and Security, then Cookies and other site data.
Make sure "Block third-party cookies" is not enabled.

Google Chrome (Android):
On your Android device, open the Chrome app.
At the top right, tap More and then Settings.
Tap Site Settings and then Cookies.
Next to "Cookies," switch the setting on.
Check the box next to "Allow third-party cookies."
  1. Select the gear in the upper-right corner of the screen, then select "Internet Options". If you have the Menu Bar enabled, you can select "Tools" then "Internet Options".
  2. Click the "Privacy" tab.
  3. Select the "Advanced" button.
  4. Under "Third-party Cookies" choose "Accept".
  5. Click "OK"