Academic journal article Issues in Informing Science & Information Technology

CAPTCHA-Security Affecting User Experience

Academic journal article Issues in Informing Science & Information Technology

CAPTCHA-Security Affecting User Experience

Article excerpt

Introduction

In the era of Cyber threats, it is very important to understand if the user trying to access a Website is a real person or a "bot", a malicious automated program. In order to decide whether to allow the access, the first CAPTCHA test was invented in 2000 by John Langford, Nicholas J. Hooper and Luis Von Ahn and it is still used (Singh & Pal, 2014). CAPTCHA is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart".

The CAPTCHA test performs an authentication process, called a "challenge-response authentication", because it presents a challenge to the user, and only when it is solved, the right to access the Website is given (Ling-Zi & Yi-Chun, 2012). It is difficult and almost impossible for bots to solve these challenges (Saini & Bala, 2013). The operation is similar to a reverse "Turing Test" where the CAPTCHA test acts like a judge and on the other side stands the "user", which may be human or not. CAPTCHA tests must be, on the one hand, very easy for the user in order to pass, and, on the other hand, very difficult for the bots to pass. The conflict between approachability and protection in the Internet world is a complex issue, dealing with the necessity to allow a wide range of different users to access the desired Website, but preventing the access of malicious elements.

Cyber threats became abundant, and the attempts to reach computers by unauthorized agents are growing. For example, according to Symantec (2011), 75.8% of the emails sent are "spam", where 82.2% of them are originated by bots. Therefore, CAPTCHA implementations can be found on more than 3.5 million sites globally, in all kind of Websites, like sites for fill-in forms, write comments, and buy tickets, and human beings solve CAPTCHA tests more than 300 million times a day (Angre, Kapadia, & Ugale, 2015).

Different Types of CAPTCHA Tests

During the last years, several types of CAPTCHA tests were defined and developed. Below is a description of the most common different types of tests.

Text-based CAPTCHA tests--This is the most common test, called "reCAPTCHA", in which a sequence of letters and/or numbers is shown in a distorted and twisted manner, as seen in Figure

1. The user needs to identify and decipher what is shown, and type the exact sequence into a provided text-box in order to get access to the desired Webpage. This system, was originally aimed to help digitize printed text that was hard to read by OCR (Optical Character Recognition) softwares, and was acquired by Google in 2009, in order to use the "Common Wisdom" to digitize large number of manuscripts ("reCAPTCHA," n.d.).

Audio based CAPTCHA tests--This test was developed for vision-impaired people. The user must listen to a sequence of letters and/or numbers and type the sequence in the text-box.

Pre-analysis of user behavior--In 2013, reCAPTCHA began implementing behavioral analysis of the browser's interactions with the CAPTCHA to predict whether the user is a human or a bot. This analysis, called "No CAPTCHA reCAPTCHA" (shown in Figure 2), occurs before displaying the text-based CAPTCHA and, according to the analysis, when there are reasons to think the user might be a bot, a more difficult test is presented to the user. By end of 2014 this mechanism started to be rolled out to most of the public Google services ("reCAPTCHA," n.d.).

Arithmetic operation based CAPTCHA tests--In this type of test, as shown in Figure 3, the sequence shown to the user contains a very basic arithmetic operation, i.e., "1 + 3=", which can be performed by almost every human being. The user needs to enter the result of the operation into a text box.

Picture based CAPTCHA tests--In this test a number of pictures are shown to the user, with a simple question, as shown in Figure 4. The user must identify the pictures and select the one that is the correct answer to the question. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.