094 90 48200    Get SUPPORT

Aniar IT Services Blog

CAPTCHA and Its Many Challenges

CAPTCHA and Its Many Challenges

We’re all familiar to some degree with the security measure known as CAPTCHA. You know the one—you usually see it when filling out forms or logging into sites online, where you have to prove that you’re a human being by identifying which of a variety of images fit a certain description. You may have noticed that these tests have gotten far more difficult over time. This is because, predictably, computers are getting better at beating them.

Let’s discuss what this signifies, and how this may shape how users authenticate themselves in the future.

Defining CAPTCHA

Short for Completely Automated Public Turing Test to tell Computers and Humans Apart, CAPTCHA has long been the standard tool used by Google to prevent automated spam from polluting the Internet by requiring (in theory) a human being to interact with content in some way before allowing access or a task to successfully be completed.

Back in the early 2000s, CAPTCHA was effective against spambots, being able to bamboozle them by simply requiring images of text to be identified.

The Growing Issues with CAPTCHA

However, once Google gained ownership of CAPTCHA and used it to help digitize Google Books, the text needed to be increasingly distorted to continue to fool optical character recognition. Adding to this was the fact that human beings solving these CAPTCHAs gave optical character recognition the information needed to improve its skills.

This is the downside to CAPTCHA that its creators foresaw from the beginning: at some point, machines would ultimately overtake human capabilities when it came to identifying these images. Furthermore, these tests also need to be universally applicable, working wherever someone is located despite any cultural biases and differences that a user might have.

Since then, CAPTCHA has been replaced by NoCAPTCHA ReCAPTCHA (the one where your user behavior is used to judge your humanity) in 94 percent of websites that use CAPTCHA. Further research and development is in progress to reinforce the security of these tools.

However, automated bots can already bypass CAPTCHA more effectively than most humans can. In fact, in 2014, a machine learning algorithm was made to compete with users to solve distorted text CAPTCHAs and managed to bypass the security measure 99.8 percent of the time, as compared to the humans’ 33 percent. There are also various CAPTCHA-solving programs and services available for use that can effectively access vast amounts of pages for little cost.

What is Being Done to Resecure CAPTCHA

There are many different approaches under consideration to improve the practical efficacy of CAPTCHA—making it simpler for human beings and more difficult for machines as originally intended. To accomplish this, a few different tactics have been explored, some more plausible than others:

  • Rather than identifying text or images, users would be asked to classify images of faces, based on expression, gender, and ethnicity (probably not the best option, in today’s contentious environment).
  • CAPTCHAs based on trivia and regionalized nursery rhymes, with these culturally based questions designed to overcome bots and overseas hackers alike.
  • Image identification that uses cartoons, hidden-image illusions, and other relatively subjective content to outfox automated CAPTCHA-cracking tools.
  • CAPTCHA tools that test users by having them perform basic game-like tasks, with instructions given in symbols or contextual hints.
  • Device cameras and augmented reality being used as a form of physical authentication.

Finally, a lot of consideration is being put to authentication measures that examine a user’s online behaviors and actions to determine whether there’s a real human being at the controls, or if a clever piece of software is trying to gain access—whether the mouse moves, for instance, or how precise it is as it does. Google itself is starting to examine traffic patterns to test “users” on a case-by-case basis.

There’s even a chance that these kinds of Turing tests will only be passable in the future by selecting an incorrect answer.

Regardless of how, it is only going to become more important to secure your accounts and the information they contain as time passes. Aniar IT Services is here to help you secure your business and its data. Learn more about how we can protect your business with the right IT solutions by calling 094 90 48200 today.

Tip of the Week: Keeping Track of Changes Made in ...
Become an Email Champion by Spending Less Time Dea...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, October 28 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.aniar.ie/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Productivity Best Practices Business Computing Email Cloud Privacy Workplace Tips Efficiency User Tips Network Security Internet Hosted Solutions Innovation Google Microsoft Data IT Support Hardware Software Hackers Business VoIP Communication Collaboration Data Backup Cybersecurity Small Business Managed IT Services Mobile Device Data Recovery Mobile Devices Smartphone Computer Communications Android Tech Term Users Windows 10 Phishing Cloud Computing Smartphones Malware Network IT Services Gadgets Backup Outsourced IT Business Continuity Artificial Intelligence Windows Browser Miscellaneous Saving Money Information Disaster Recovery Business Management Managed Service Facebook Internet of Things Spam Chrome BDR Server Quick Tips Covid-19 Passwords Office 365 Upgrade How To Wi-Fi Automation Microsoft Office BYOD Router Social Media Applications Encryption Data Storage Networking Windows 7 Apps Blockchain Operating System Paperless Office Save Money Holiday Word Cybercrime Mobile Office Computers Data Security Mobile Device Management Display Managed IT Two-factor Authentication Infrastructure Human Resources History Staff Bandwidth Government Data Breach Vulnerability Remote Work Data Protection Patch Management HIPAA Ransomware Telephone System Remote Monitoring Connectivity Settings Money Virtualization Cryptocurrency Telephony Employee/Employer Relationship CES Unsupported Software Fraud Software as a Service Scam Training Update Business Intelligence Keyboard Content Management VPN Remote Augmented Reality Spam Blocking Botnet Processor Password Virtual Assistant Managed IT services Bring Your Own Device Redundancy Voice over Internet Protocol Vendor Management IT Management Business Technology App Telephone Systems Hard Drive Meetings Health Social Engineering Avoiding Downtime Office Big Data Google Drive Managed Services Provider Identity Theft Servers WiFi Website Education Audit Comparison Vendor Procurement Private Cloud IT Plan OneNote Help Desk Google Docs Conferencing Machine Learning Access Control Wireless Compliance Digital Signage Law Enforcement Sports Mobile Computing Default App Shopping Evernote Cleaning Trending Managed Services Public Cloud Biometric Security Information Technology HaaS Virtual Machine AI Recycling Devices Cryptomining Computer Fan RMM YouTube Mouse Windows Server 2008 Windows Server 2008 R2 OneDrive Authentication Data loss Google Search Virtual Private Network Smart Office HBO IT Infrastructure Social Network Practices Safe Mode Security Cameras Cache Software Tips Policy Manufacturing Computing Amazon Shortcuts Hypervisor eWaste Thought Leadership Remote Worker Database Telecommuting FENG Employees Microchip Computer Care Copiers 5G Cortana Alert Save Time Remote Workers Document Management Camera Outlook Investment Printing Charger Hosted Computing Smartwatch Skype Peripheral Wireless Internet Procedure Virtual Reality Professional Services Amazon Web Services Accountants Hacker Enterprise Content Management Mobility Going Green Legal The Internet of Things Wiring Travel Sales Search Engine Development Password Manager Nanotechnology Proactive IT Tools Work/Life Balance Managed IT Service FinTech Printers Frequently Asked Questions Recovery ROI Personal Wireless Charging Inventory Start Menu Project Management Quick Tip USB Solid State Drive Cabling Fiber Optics Downtime Password Management Social Sync Multi-Factor Security Saving Time Criminal Twitter Windows 10s Firewall Digital Signature SharePoint Bing Messaging Business Mangement Smart Tech Screen Mirroring MSP Net Neutrality Millennials Physical Security Apple Entertainment Warranty Excel GDPR Digitize Google Apps Employer-Employee Relationship Employee Bitcoin Regulations Electronic Medical Records Wire Cables Trend Micro Online Shopping Root Cause Analysis NIST Supply Chain Management Addiction Unified Threat Management OLED Using Data Credit Cards PDF HVAC Flash SMS Gmail Cast File Sharing ISP Value Workforce Printer Tip of the week Remote Computing IT Assessment Workers Specifications Batteries PCI DSS Data Management Hard Drives Windows 10 Search Public Speaking Presentation Regulation Lithium-ion battery CrashOverride Tech Support Company Culture Wireless Technology Emergency Safety IBM Marketing Managed Service Provider Productivity Budget Managing Stress Competition Hiring/Firing Customer Relationship Management IP Address Fun Personal Information Customer Service Financial Domains