No CAPTCHA reCAPTCHA
Does the picture above look familiar? We are all fairly familiar with the frustrations by this type of security validation, known as CAPTCHA. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. Essentially, it is a way for websites to validate that the person trying to use their site is a human, and not a computer programmed to spam or do other malicious deeds. The most common type of CAPTCHA is called reCAPTCHA which uses distorted words or series of letters to determine the user's authenticity. The thought behind this is that humans are exceedingly more capable at recognizing distorted words and letters and so can easily validate that they are, in fact, human. However, this is not always the case. I (and many others I'm sure) have myself been foiled by this type of validation as I sometimes can't actually read the letters because they are so distorted. Not only that, but computers have gotten to the point where they can correctly solve even the most difficult reCAPTCHA with 99.8% accuracy - likely better than many humans! So, in response to this, Google has developed a new kind of CAPTCHA. But instead of making it more complicated to beat the computers, it is as simple as checking a box.
Google has developed an API called No CAPTCHA reCAPTCHA that websites can start using to improve both the ease of validation and the security of only humans passing the test. The actual clicking of the box isn't the most important part. Google actually looks at the behavior of the person clicking the box such as the movements of the mouse, the pauses and time it takes, etc. to determine whether you are human which is very hard for a computer to replicate. But what if the CAPTCHA determines you are not a human? Then you might see the more familiar reCAPTCHA word puzzles or a more advanced puzzle like the one below which has you matching similar images which computers are a long way from being able to do effectively. Websites such as Snapchat, WordPress and Humble Bundle have already begun using this service, and it won't be long before it is commonly used all over the internet.
No comments: