CAPTCHA and Its Challenges
We’re all familiar to some degree with the security measure known as CAPTCHA. You usually see it when filling out forms or logging into sites online. Here, you have to prove that you’re a human being by identifying which of a variety of images fit a certain description. These tests have gotten more difficult over time. This is because, predictably, computers are getting better at beating them. Let’s discuss CAPTCHA and its challenges.
Defining CAPTCHA
CAPTCHA stands for Completely Automated Public Turing Test to Tell Computers and Humans Apart. Its a standard tool used to prevent automated spam from polluting the Internet by requiring a human being to interact with content before allowing access.
Back in the early 2000s, CAPTCHA was effective against spambots. It fools bots by simply requiring images of text to be identified.
CAPTCHA and Its Challenges
When Google gained ownership of CAPTCHA though, the text needed to be increasingly distorted to continue fooling optical character recognition. Human beings solving these CAPTCHAs gave optical character recognition the information needed to improve its skills.
This is the downside to CAPTCHA that creators foresaw from the beginning. At some point, machines would ultimately overtake human capabilities when it came to identifying these images. These tests also need to be universally applicable, working anywhere despite any cultural differences that a user might have.
Since then, CAPTCHA has been replaced by NoCAPTCHA ReCAPTCHA in 94% of websites that use CAPTCHA. This is where user behavior is used to judge humanity. Further research and development is in progress to reinforce the security of these tools.
However, automated bots can already bypass CAPTCHA more effectively than most humans can. In 2014, a machine was made to compete with users to solve distorted text CAPTCHAs. It managed to bypass the security measure 99.8 percent of the time, as compared to the humans’ 33 percent. There are also various CAPTCHA-solving programs and services available to effectively access vast amounts of pages for little cost.
What is Being Done to Resecure CAPTCHA?
There are many different approaches under consideration to improve the practical efficacy of CAPTCHA. To accomplish this, a few different tactics have been explored, some more plausible than others.
- Users would be asked to classify images of faces, based on expression, gender, and ethnicity.
- CAPTCHAs based on trivia and regionalized nursery rhymes. This includes culturally based questions designed to overcome bots and overseas hackers alike.
- Image identification that uses cartoons, hidden-image illusions, and other relatively subjective content to outfox automated CAPTCHA-cracking tools.
- CAPTCHA tools that test users by having them perform basic game-like tasks, with instructions given in symbols or contextual hints.
- Device cameras and augmented reality being used as a form of physical authentication.
A lot of consideration is being put into authentication measures that examine a user’s online behaviors and actions to determine whether there’s a real human being at the controls. This includes whether the mouse moves, for instance, or how precise it is as it does. Google itself is starting to examine traffic patterns to test “users” on a case-by-case basis.
There’s a chance that these kinds of Turing tests will only be passable by selecting an incorrect answer.
It is only going to become more important to secure your accounts and the information they contain as time passes. Link High Technologies Inc. is here to help you secure your business and its data. Learn more about how we can protect your business with the right IT solutions by calling (973) 659-1350 today.
