Technology 4 min read

Why Captcha Requests are Here to Stay

I remember fondly when people celebrated the "death" of the captcha -- that annoying string of garbled mess you had to enter to prove your humanism. But captcha just evolved into its next form like a Dragon Ball Z villain. And now, it's evolving again, but this time, it will improve biometric authentication.

Captcha requests have been around since the early days of the internet. You may think they're obsolete and replaced now though, right? Wrong. | Image By Georgejmclittle | Shutterstock

Captcha requests have been around since the early days of the internet. You may think they're obsolete and replaced now though, right? Wrong. | Image By Georgejmclittle | Shutterstock

Although it may have been a while since you last had to fill out a captcha request to prove you weren’t a robot, they’re still here, hiding in plain sight.  

You remember what captcha is, right? The jumbled, difficult to read strings of letters and numbers you would have to type to “prove you aren’t a robot.”

While many authorizing bodies moved away from that type of captcha, many still used the quadrant based type of captcha. These often feature parameters such as “click every square with a car in it” or something like that.

With so many articles from last year claiming its death, why is captcha still a thing?

Gizmodo

Captcha is Dead; Long Live Captcha

Even back in 2017, everyone referred to this jumbled technology as a “necessary evil.” Of course, that didn’t stop everyone from “celebrating” its supposed death.

Example of a modern type of captcha via Medium

In reality, Google enabled a feature for websites that allowed to use invisible reCAPTCHA.

If Captcha is a “reverse Turing test”, then reCAPTCHA is the super stealth mode version of that. You can read all about it here on Google’s very own page about it.

The idea behind invisible reCAPTCHA was to reduce friction for internet users. Making their experience more seamless could only improve overall internet enjoyment, right?

I don’t disagree, but that adjustment does not mean that Captcha is dead y’all.

A Fresh Innovation Emerges Using Biometric Authentication

Everyone knows how hot-to-trot the tech world is on biometrics right now.

If you need a refresher, biometrics relates to ways you can unlock devices or prove your identity with parts of your body such as fingerprints, face scans, and retinal scans.

Just think of how you unlock your iOS or Android device — probably with fingerprints.

Though Samsung wants to incorporate face-detection like Apple, initial results don’t inspire much confidence. And if mediocre police face-recognition numbers are any indication, biometrics aren’t the best way to create predictive systems.

But merging real-time captcha with biometric authentication might just work.

The Georgia Institute of Technology published their findings in February 2018. The paper contended that a “new login approach” would improve biometric security techniques. By incorporating captcha techniques, humans would more easily pass the test.

However, would-be attackers would struggle with the test despite any spoofing tech, image generation technology, or botnets they might be leveraging.

Erkam Uzun, one of the graduate research assistants on the project, described how the approach seeks to prevent attackers simulating blinking or smiling to fool biometric authentication techniques.

“We are making the challenge harder by sending users unpredictable requests and limiting the response time to rule out machine interaction.”

Wenke Lee, a professor at the university and co-director of the Georgia Tech Institute for Information Security and Privacy, further elaborated on the approach.

“But by presenting a randomly-selected challenge embedded in a Captcha image, we can prevent the attacker from knowing what to expect. The security of our system comes from a challenge that is easy for a human, but difficult for a machine.”

placeholder
Captcha gif featuring a Team Fortress 2 character via Giphy

Password Alternatives are the new Black

Real-time captcha technology making its way into biometrics shouldn’t surprise you. After all, many companies want to altogether eliminate the huge security risk that is passwords.

Firefox incorporated Web Authn to improve data security this year. LISNR leverages the power of sound waves to alleviate the vulnerability of QR codes for various tasks such as ticket purchasing and distribution.

But the approach outlined by the Georgia Tech team has to worry about noise, camera security, and server security, too. Only time will tell if this technology will ever really die or just keep evolving, subsisting off the sustenance of other technologies all the while.

What are some of the worst captchas you’ve had to fill out?

Found this article interesting?

Let Juliet Childers know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Juliet Childers

Content Specialist and EDGY OG with a (mostly) healthy obsession with video games. She covers Industry buzz including VR/AR, content marketing, cybersecurity, AI, and many more.

Comments (0)
Most Recent most recent
You
Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.