How Does CAPTCHA Work?

We’ve all had to confirm we’re not a computer when attempting to log into an account. This is the core purpose of what once was called CAPTCHA… the Completely Automated Public Turing test to tell Computers and Humans Apart. However, it seems surprising that computers don’t easily overcome these simple-seeming tests.

Let’s dig into why these simple tests actually are effective at differentiating between human users and automated bots.

Authentication Was Once Far from Perfect

You may remember the CAPTCHA tests of the past, where they were random sequences of distorted alphanumeric symbols. While this approach was once effective, advancements in technology ultimately switched the paradigm. Instead of humans being able to interpret the symbols that baffled computers, computers were able to identify codes that human beings had little hope of transcribing… particularly those with conditions that impacted their vision.

Making matters worse, spammers began outsourcing, paying workers 30 US cents for each 1000 CAPTCHAs they deciphered.

A Pioneer of CAPTCHA Also Invented reCAPTCHA

A Guatemalan native, Luis von Ahn studied at Duke and Carnegie Mellon University, after which he joined the latter’s School of Computer Science as a faculty member. Not only was he one of the initial creators of CAPTCHA in 2003, but he also spearheaded the development of reCAPTCHA in 2007 before selling it to Google in 2009. After this accomplishment, he cofounded Duolingo, the world’s largest online language-learning platform.

How Does reCAPTCHA Work?

You’re likely quite familiar with the reCAPTCHA box’s circular arrow logo and simple “I’m not a robot” prompt. This test seems to be the simplest yet… all you have to do is check the box next to the prompt to confirm your humanity.

This test works by assuming that a human won’t be perfect, especially not compared to a computer asked to do the same thing.

For instance, let’s imagine that this page had a reCAPTCHA prompt on it. You’d have to move your cursor over to the reCAPTCHA field and check the box, as would a bot. However, if we were to compare your cursor movement to the bot’s, yours would be wobbly and imperfect, all at varying speeds, while the computer-controlled cursor would be precise and accurate, moving at a constant and consistent speed.

Make no mistake, the system may give you a more traditional CAPTCHA test if it is unsure based on your prior performance, but even that seems to be more of a mouse-tracking tool than a competency test… after all, even if you miss highlighting one of the squares with a roadway, it often passes human users.

These reCAPTCHAs also take the user’s browsing history into account, as this is one of the clearest ways to identify a human being amongst billions of bots.

Think about all the inane or trivial things you’ve Googled. A bot isn’t going to search for that, but someone legitimately using the search platform likely will have. This is one of the benefits of Google knowing what you do online. Lately, reCAPTCHAs have popped up that are completely automatic, relying solely on tracking information.

To Err is Human… So It’s Okay to Make a Mistake in reCAPTCHA

For all the other times you make a mistake, you can rely on White Mountain IT Services. We help New Hampshire businesses manage their mission-critical technology so they can accomplish more, more securely. Call us at (603) 889-0800 to learn more about what we do!

White Mountain IT

Related Posts

The Secrets to an Optimal Password

Passwords are effectively the cornerstone of your business’ data security. If they aren’t up to muster, your protections could crumble. Unfortunately, many users shortchange their passwords to try to make them more convenient, also making them more convenient for cybercriminals. Let’s see how we could (and should) make passwords as effective as possible. Threats Against Your Passwords There ar...

IT Should Be Everywhere, From the Server Room to the Boardroom

You’ve likely looked at your business’ technology bills and seen nothing but dollar signs leaving your bank account. For many, IT feels like a necessary evil or a cost center that only gets attention when something breaks. The hard truth is that many businesses fail to scale because their technology wasn't built for the growth they planned. At White Mountain IT Services, we believe it’s time to stop reacting ...

What Does Your Cybersecurity Training Need to Include?

As we stand on the threshold of a new year, it’s worth noting that the term "cybersecurity" didn't even enter the common lexicon until the late 1980s. Before that, we just called it "computer security"—mostly involving locking the server room door and hoping nobody guessed the password was "admin." Fast forward to today, and the game has changed entirely. "Hoping for the best" is no longer a viab...

Three Questions You Need to Ask About Your Technology

Technology is an essential component for most businesses. Strategic integration of technology has been proven to address significant operational challenges that often elude smaller businesses and startups. In this context, we'll explore three critical questions about business technology that every tech-savvy individual should be acquainted with and make clear the importance of such knowledge. Q...