Animated CAPTCHA tech aims to fox spambots
Wiggly words will weduce web wexation
Replacing text puzzles featuring distorted letters with videos as a roadblock against the automated creation of web accounts can reduce user frustration while offering improved security, according to a Canadian start-up.
CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) have been used for some years to prevent the automated sign-ups to webmail accounts and the like. Users typically have to identify distorted letters depicted in an image. Over the years miscreants have devised techniques to break the process in order to create ready-to-spam accounts from reputable providers that are far less likely to be automatically blocked.
The sign-up for new accounts is automated, but solving the CAPTCHA puzzles themselves is tasked to the human cogs in 21st century sweatshops, often based in India, where workers are paid as little as $4 a day to defeat security checks.
Canadian firm NuCaptcha aims to rewrite the rules of account validation checks with a new video-based CAPTCHA system. Users are asked to identify moving text on a video background. The firm also offers a voiceover audio option for the partially sighted or colour-blind.
The technology is designed to work on a range of computing devices including hardware that doesn't support Flash, such as iPads, ReadWrite Web reports.
NuCaptcha reckons the technology is easier to use than traditional text-based CAPTCHAs, which have a 25 per cent registration abandonment rate, according to one recent academic study. The firm also claims to be able to detect automated attempts to solve its puzzles, throttling the speed of videos and making puzzles trickier to solve in cases of suspected abuse, as explained below.
Animation enables NuCaptcha to increase security features such as closely packing letters together; creating text that is very difficult for software, specifically Optical Character Recognition, (OCR) to solve compared to current products in the field. In contrast, the animation makes the CAPTCHA far easier for humans to solve, because humans are attuned to perceiving motion.
In addition, the NuCaptcha Platform utilizes behavioral intelligence to deliver very easy CAPTCHAs to legitimate users and increasingly difficult CAPTCHAs to attackers.
The first product on the NuCaptcha Platform, NuCaptcha Basic, a freemium security service for websites and blogs that offer up to 25,000 CAPTCHAs per month, was launched on Wednesday.
More details of the technology can be found on the NuCaptcha website here. ®
Doesn't seem to solve the problem
That's nifty and everything, but if the problem is that people are using sweatshops full of *people* to circumvent the CAPTCHAs, and the proposed solution is one which would make CAPTCHAs a lot harder for bots but not even a little harder for humans, then I think I see a slight problem with the whole idea.
What's wrong with a server-side imagemap?
Remember imagemaps? Fallen from favour, but 'click the only circle inside a triangle' or similar tests are easy to parse for a human, damn hard for a computer, and all the processing is server-side for the imagemap.
Not sure how to make it blindness-proof, but it would cover the bulk of cases quickly, easily and un-OCR-ably
Fail! Looks trivially easy to break.
This looks like an extremely poor captcha.
You can easily strip out everything (animated background, extra characters) except the characters you want just by filtering on the color red! Oops!
The text also follows the exact same path each time meaning there are are a couple of predictable places where the red text is actually almost aligned normally. It even uses a constant font!
I don't know for sure but I doubt you even need to OCR this.. if you can attach some kind of flash debugger (run it under a modified gnash?) to the animation as it's running you can proabably just hook into the function that draws red text!