School of Information Systems

HOW SCREEN SCRAPING WORKS

25 Oct 2024

Screen scraping can be accomplished in various ways, indicating that multiple methods are available depending on the specific circumstances and technology involved. For instance, using Java, one can copy and paste source code from one application into another. This method is among the simplest but necessitates direct access to the source code of the application being scraped.

In essence, screen scraping enables users to extract data from specific UI elements displayed on the screen. This broader definition means that a screen scraper will look for particular elements, such as buttons, text, or images, and then pull data from those components.

When the displayed content includes images, screen scrapers utilize OCR (Optical Character Recognition) technology to extract the information. OCR is capable of transforming images with text into text that can be read by machines.

Screen scrapers can also be built using tools like Selenium or PhantomJS. These applications are widely used for automating web browsers, allowing users to create programs that mimic browser interactions to gather data from web pages.

In the banking sector, third parties might request users to share their login credentials. This raises concerns regarding the controversial nature of screen scraping. Third-party applications (like budgeting tools) may ask users to provide their usernames and passwords so they can log into the user’s bank account and access transaction data.

When transferring data from an older program, the screen scraper needs to extract data from the legacy system and reformat it for compatibility with newer operating systems or web browsers. This represents a more technical aspect of screen scraping. Companies aiming to migrate data from an old system to a new one can use screen scrapers to gather information from the legacy system and adjust its format to align with the new system.

In conclusion, screen scraping is a versatile technique applicable for numerous purposes. However, it is crucial to exercise caution when utilizing screen scraping, especially when handling personal data like financial information.

How to prevent

  • Require login with a password: While this won’t completely prevent screen scraping, it can help identify who is performing it. If a page requires a login, the scraper must submit identification information with each request, which aids in tracking the source of the screen scraping.
  • Set rate limits for each IP address: This will slow down requests from computers that make numerous requests in a short period, which may indicate screen scraping activity.
  • Implement CAPTCHA: CAPTCHA helps distinguish between legitimate users and bots by presenting image-based information that is difficult for computers to interpret.
  • Use a web application firewall (WAF): A WAF can assist in detecting actions based on signatures or behavioral patterns associated with screen scraping.
  • Run fraud detection software: This can help identify data theft during the screen scraping process, even while it is occurring.
  • Format content as images: Although this won’t entirely stop screen scraping, it will prevent programs that cannot interpret images from extracting data.
Joni Suhartono