Why CAPTCHA is Becoming Difficult

Why CAPTCHA is Becoming Difficult

Remember the good old days when all you had to check was ‘I am not a robot’ button and you were good to browse any website? Over time, it has been replaced by demands from Google to prove that you are not a robot, you either have to select all the traffic lights, storefronts, fire hydrants, crosswalks and whatnot in a set of images shown. While previously the images were clear and objects were easily visible, now they are blurrier and a tad bit challenging comparatively. If you do the correct selection, you get access to the website and if not, you have to redo it.

It is not difficult of course but just a burdensome step that sometimes makes you angry on Google. Why can’t we simply browse on internet without having to prove time and again that we really are humans? This is a question that many have and, in this article, we will try to answer it.

What is CAPTCHA

These ‘human-identification’ tests are known as CAPTCHA, which stands for Completely Automated Public Turin test.  The test was specifically made to differentiate between a computer (robot/bot) and a human. While in the 2000s, simple images of text were enough to stop majority of the spambots, with time they have become smarter.

“CAPTCHA is seen as one of the best ways to train Artificial Intelligence (AI), which is why any identification test that Google develops is only temporary.”

As AI gets more sophisticated, stronger and complex CAPTCHA will be required.  As Google bought CAPTCHA from Carnegie Mellon researchers to digitalize Google Books, it became crucial to find a way to stop the very same robots/programs from accessing websites, and posing as humans.

Why it is getting complex

In 2014, Google battled one of its machine learning algorithms against humans to solve difficult-to-read CAPTCHAs – while the algorithms got the CAPTCHA right 99.8% of the time, humans only got it right 33% of the time. This is when image grids were introduced to differentiate between robots and humans. Google incorporated NoCaptcha ReCaptcha that observes the behavior and data of users to allow humans to simply click on ‘I am not a robot’ button while it presents image grids to others. Unfortunately though, AI has become smarter over the years and it is not far when a new identification method would have to be introduced.

To demonstrate how far AI has come, a computer science professor from the University of Illinois at Chicago, Jason Polakis published a paper in 2016. He used image recognition tools including Google’s reserve image search to solve Google’s CAPTCHAs with 70% accuracy. He pointed out in his paper, “We’re at a point where making it harder for software ends up making it too hard for many people. We need some alternative, but there’s not a concrete plan yet”.

Other researchers have also beaten Google’s audio CAPTCHA by using the audio recognition programs of Google. Advancement in AI is going at bullet train speed, which is why CAPTCHA is destined to become complex too. Shuman Ghosemajumder, who worked at Google in the past said that no matter what type of CAPTCHAs is introduced, they will eventually be broken by the AI, whether they are video, game or something more complex. A better way to determine whether a website is being viewed by robot or human is to constantly keep a check on their activity. Ghosemajumder said that a human does not have good control over their motor functions, their scrolling is haphazard and but a robot will move the mouse in a mechanical, and precise manner – which can easily differentiate a human and robot.

The latest version of Google CAPTCHA, CAPTCHA v3 does adaptive risk analysis to see how shady/suspicious the user seems to be. Website owners are given the option to either request a password or a two-factor authorization process from the suspicious users.

Close Menu