CAPTCHA was born in response to the hacker threat, due to the creation of robots to bypass different systems. Nowadays, CAPTCHA usage is very popular on the Internet. In this note, our ZARZA Engineers discuss about this interesting topic, sharing specific and accurate information about it and it’s correct use, along with alternative recommended measures.
What is CAPTCHA? What is it for?
When we sign up in a website, or complete a form, we get a warped text, an image. You’re asked to write down what it says, or in fact, to transcribe its content… That’s a CAPTCHA, it determines if the form is being filled whether by a software (a programmed robot), or a human being.
CAPTCHA: Completely Automated Public Turing test to tell Computers and Humans Apart
What we understand as CAPTCHA is the Turing test, a completely automatic and public test to differentiate computers from humans. It looks like this example:
As you see, the letters suffer variations, making more difficult the robot’s characters discernment, but still letting humans identifying the sequence, which is «smwm», however, statistics show it’s not that easy for everyone.
CAPTCHA may contain not only distorted letter but also lines, gradients and distracting elements to increase its level’s complexity.
Modern CAPTCHA also include the option to listen to its letters, but also trying with a different CAPTCHA, in the event we can’t decode it. For example, one of the most highlighted ones, is the free one offered by reCAPTCHA (currently owned by Google), combining 2 or more words, as you will see on the following example:
CAPTCHA complexity will continue to increase and become more modern, however we’ll still see the fine line between what’s comprehensible for a human, but not for a robot.
Is CATPCHA totally impassable? No, it’s not.
Nowadays, both, Black Hat Hacking and White Hat Hacking practitioners, know that there are visual recognition tools promoted via Internet, and even some payed services whiting and outside the Deep Web, offering expedited connections to decode different CAPTCHA, infringing systems and slowing them down.
That’s exactly why when developing your software, or paying for it, you must consider CAPTCHA just as an additional precaution, never as the only control method to keep your system protected.
Additional recommendations, depending on the system’s scheme, may be the following:
To ZARZA Engineers it’s, and it’ll be a pleasure to help you in all your software developing needs, remember that our specialty is to satisfy your needs, keep you safe and protected and raise your performance, but also raise the performance of your presence on the Internet.