Honeypot questions and other anti-bot measures | XM Community
Skip to main content

Hi all

I'm a PhD student using Qualtrics for an expression of interest form for recruiting participants for research. I'm encountering a lot of bots on my form despite having all of Qualtrics' security features enabled and a reCAPTCHA verification question in the survey.

I have tried adding Honeypot questions (e.g., a superfluous “What is your age in years?” question) and have been able to successfully hide them using the below JavaScript:

Qualtrics.SurveyEngine.addOnload(function()

{

jQuery("#"+this.questionId).prev('.Separator').hide();

jQuery("#"+this.questionId).hide();

});

However, the bots do not seem to be answering these questions. They answer everything else and are only leaving these hidden questions blank, which defeats the purpose of having them.

Does anyone have any suggestions?

I’m also open to hearing about other anti-bot measures I could include in my survey to assist with security as I need a verifiable way of telling bots and genuine participants apart for the purposes of research integrity. 

Thanks, 
Maddie 

I think the bots can see that the question is hidden and that’s why there are not answering it.

 

You could try changing its opacity to zero:

Qualtrics.SurveyEngine.addOnload(function () {
const quest = this;
const qc = quest.getQuestionContainer();
const buttons = document.querySelector("#Buttons");

// Change the opacity of the question to 0
qc.style.opacity = 0; // Delete this line to see where the question goes

// Move the question after the buttons row
buttons.insertAdjacentElement("afterend", qc);
});

 

Another option would be to move the question out of the page, i.e., it will be present in the DOM tree but rendered outside the viewable area:

Qualtrics.SurveyEngine.addOnload(function () {
const quest = this;
const qc = quest.getQuestionContainer();

qc.style.position = "fixed";
qc.style.left = "-100px";
qc.style.top = "-100px";
});

 

However, its possible that these are not bots, but instead humans working on server farms. Maybe add a few questions like “Select Slightly Disagree” etc.


Thank you so much @ahmedA. This is really helpful and greatly appreciated. If you have any other suggestions for anti-bot measures, please feel free to share them.


Question from a not-tech-savvy person with the same problem: where/how do you add this code the survey construction?


Question from a not-tech-savvy person with the same problem: where/how do you add this code the survey construction?

@mauraco You can add the code to this https://www.qualtrics.com/support/survey-platform/survey-module/question-options/add-javascript/


Thank you so much @ahmedA. This is really helpful and greatly appreciated. If you have any other suggestions for anti-bot measures, please feel free to share them.

Hi @MaddieF, did the solution offered help?


@AlonsoC, unfortunately the bots still do not seem to answer the Honeypot questions. There doesn’t seem to be an efficient way to automatically detect bots/fraudulent responses, as even with all of Qualtrics’ security features enabled some responses do not get flagged despite clearly not being genuine. 


@MaddieF are you offering an incentive?  Worth considering motive for bots or undesired 3rd parties to complete the survey, and reconsider what options you have to present that, or be less explicit about it.  Without knowing specifics, in my experience these responses can sometimes be genuine, but respondents may not intend to fill in the survey, type random answers or just trying to game your responses.

I’d also just suggest creating a new survey link and seeing if you have the same issue.  


@AlonsoC, unfortunately the bots still do not seem to answer the Honeypot questions. There doesn’t seem to be an efficient way to automatically detect bots/fraudulent responses, as even with all of Qualtrics’ security features enabled some responses do not get flagged despite clearly not being genuine. 

@MaddieF, thanks for that information. I’ll look further into this and will follow up.

 

Update: @MaddieF, I was provided with the following information:

 

“The bot detection tool utilizes Google's reCaptcha to generate a score that indicates the chances of a response coming from a bot. This score can be used to filter responses in the Data & Analysis section. Although responses will still be collected, they will be labeled with the embedded data field "Q_RecaptchaScore." A score of 0.5 or higher suggests the respondent is likely a human, while a score below 0.5 indicates the respondent is probably a bot. This score can then be used to filter out responses that are likely coming from bots. For more information, you can refer to this support page.

Other security measures can be found in this support page. If they make any changes to the survey, they will need to make sure to publish it afterwards to make sure these changes are applied correctly.

 

If you continue to have these issues, they recommend to reach out to Support. You can contact them by logging into the Customer Success Hub with your usual Qualtrics credentials.


Leave a Reply