How CAPTCHA protects websites from bots?

0
887

‘I’m not a Robot’ or ‘Click the images containing motorcycles or traffic lights’ have been quite a familiar term these days while surfing websites. Those are nothing, but CAPTCHA or Completely Automated Public Turing test to tell Computers and Humans Apart, one of those examples of checking what the authentication subject is. In this scenario, the test attempts to determine whether the subject is a human being or a bot. You might well be asked to copy a set of characters or a math number to proceed while entering credentials or credit card details on a website. This is most of the time a fast move before you can carry on your task.

These tests help shield websites and accounts by developing tests or puzzles that human beings can easily go through but difficult for bots. Although a CAPTCHA does not prevent infection of malware or intrusion of the network by professional fraudsters who can hire human decoders, it can fight casual hackers.

According to the Carnegie Mellon University of Pittsburgh’s website, researchers created the very first CAPTCHAs for Yahoo to help stop automated programs from automatically setting up free email accounts, which in turn would be used to produce spams. When Google pitched one of its ML algorithms against humans in solving the most twisted CAPTCHAs text in 2014, it observed that the device got the test right 99.8 percent of the time, while humans got it right only 33 percent of the time.

This resulted in Google transitioning to NoCaptcha ReCaptcha, which monitors user data and actions to let certain users go through with a click of the ‘I’m not a robot’ button and introduces the picture labeling. These CAPTCHAs are expected to become increasingly complicated and trickier as bots become smarter and more acknowledged.

Although bots could read a text, they cannot recognize pictures, so spammers frequently turn to optical character recognition (OCR) software to get around a CAPTCHA, which scans documents into editable text, helping bots circumvent scrutiny tests. Besides, several other companies are offering to pay for people cracking CAPTCHAs at US$ 2 or less per crack.

According to Nan Jiang, a lecturer of human-computer interaction at Bournemouth University, a battle always exists between usability and security. Numerous approaches have been proposed for countering this problem. These include CAPTCHAs focused on popular nursery rhymes in the region where an operator allegedly grew up, CAPTCHAs indexing ancient petroglyphs, and a lot more. Other authentication mechanisms include two key verification methods, answering user-specified general questions, passwords, etc.

While CAPTCHA succeeds in minimizing the spam comments, eliminating fake registration, it is still not an unfailing solution. Furthermore, it is not beneficial to people with a visual disability, and interrupting their actions may result in a negative encounter for users.

Therefore, until an improvised solution or an upgraded version of CAPTCHA is sought, users have to secure their internet surfing with the help of the twisted numbers, characters, and images.