How Does CAPTCHA Work?

We’ve all had to confirm we’re not a computer when attempting to log into an account. This is the core purpose of what once was called CAPTCHA… the Completely Automated Public Turing test to tell Computers and Humans Apart. However, it seems surprising that computers don’t easily overcome these simple-seeming tests.

Let’s dig into why these simple tests actually are effective at differentiating between human users and automated bots.

Authentication Was Once Far from Perfect

You may remember the CAPTCHA tests of the past, where they were random sequences of distorted alphanumeric symbols. While this approach was once effective, advancements in technology ultimately switched the paradigm. Instead of humans being able to interpret the symbols that baffled computers, computers were able to identify codes that human beings had little hope of transcribing… particularly those with conditions that impacted their vision.

Making matters worse, spammers began outsourcing, paying workers 30 US cents for each 1000 CAPTCHAs they deciphered.

A Pioneer of CAPTCHA Also Invented reCAPTCHA

A Guatemalan native, Luis von Ahn studied at Duke and Carnegie Mellon University, after which he joined the latter’s School of Computer Science as a faculty member. Not only was he one of the initial creators of CAPTCHA in 2003, but he also spearheaded the development of reCAPTCHA in 2007 before selling it to Google in 2009. After this accomplishment, he cofounded Duolingo, the world’s largest online language-learning platform.

How Does reCAPTCHA Work?

You’re likely quite familiar with the reCAPTCHA box’s circular arrow logo and simple “I’m not a robot” prompt. This test seems to be the simplest yet… all you have to do is check the box next to the prompt to confirm your humanity.

This test works by assuming that a human won’t be perfect, especially not compared to a computer asked to do the same thing.

For instance, let’s imagine that this page had a reCAPTCHA prompt on it. You’d have to move your cursor over to the reCAPTCHA field and check the box, as would a bot. However, if we were to compare your cursor movement to the bot’s, yours would be wobbly and imperfect, all at varying speeds, while the computer-controlled cursor would be precise and accurate, moving at a constant and consistent speed.

Make no mistake, the system may give you a more traditional CAPTCHA test if it is unsure based on your prior performance, but even that seems to be more of a mouse-tracking tool than a competency test… after all, even if you miss highlighting one of the squares with a roadway, it often passes human users.

These reCAPTCHAs also take the user’s browsing history into account, as this is one of the clearest ways to identify a human being amongst billions of bots.

Think about all the inane or trivial things you’ve Googled. A bot isn’t going to search for that, but someone legitimately using the search platform likely will have. This is one of the benefits of Google knowing what you do online. Lately, reCAPTCHAs have popped up that are completely automatic, relying solely on tracking information.

To Err is Human… So It’s Okay to Make a Mistake in reCAPTCHA

For all the other times you make a mistake, you can rely on White Mountain IT Services. We help New Hampshire businesses manage their mission-critical technology so they can accomplish more, more securely. Call us at (603) 889-0800 to learn more about what we do!

White Mountain IT

Related Posts

Have You Ever Considered What a Ransomware Attack Actually Does to Your Business?

Last week, we discussed the many impacts your business suffering from ransomware has on “second-order harm,” downstream businesses, and average, ordinary people. This time, we wanted to return to “first-order harms”… those the impacted business has to deal with itself. Obviously, the First Place Ransomware Hurts is the Business When we last discussed the impacts of ransomware, we skipped over ...

The Cybercrime Economy

Remember the stereotypical hacker? A lone kid in a hoodie, fueled by caffeine and curiosity, breaking into a system just for the thrill or bragging rights? That image is obsolete. Today, hacking has evolved from a counter-cultural movement into a sophisticated, multi-trillion-dollar global industry. The staggering cost of cybercrime is predicted to reach $10.5 trillion annually by the end of th...

Why (and How) SMBs Should Strategically Adopt Technology

There is no question that a small business can benefit from technology, as has been proven time and time again. However, an issue can arise if a business bites off more than it can chew, so to speak, and ultimately creates a spike in costs. A responsible business owner will resist this temptation and prioritize the solutions they need over the ones they want - building profitability and generating...

The Importance of Passwords Cannot Be Ignored

Passwords protect nearly all of your accounts; or at least you hope that they do. Unfortunately, making a super-secure password that’s easy to remember can be harder than people expect. Oftentimes, it feels like you are constantly solving a puzzle. So then, how do you create passwords that keep hackers out without driving yourself crazy? In this month’s newsletter, we discuss this very problem. ...