What is a CAPTCHA? What types of CAPTCHA are there?

Like everything in the information age, change is rapid and it quickly becomes so familiar to us that we don't even notice it. The CAPTCHA online user authentication system is one example.

When you click on the I'm not a robot checkbox it seems like a very simple action, just one click, but the truth behind it is more complicated than that. You can read the article about I'm not a robot on TipsMake to understand more about this type of CAPTCHA.

In the following article, I will learn about what CAPTCHA is, how it was born and why websites need CAPTCHA, reCAPTCHA or I'm not a robot.

What is CAPTCHA? Why is CAPTCHA needed?

CAPTCHA stands for 'Completely Automated Public Turing test to tell Computers and Humans Apart'.

In today's Internet age, the chances are high that a website's reader is a robot. Bots programmed for malicious purposes (to run automated tasks) are increasingly common on the Internet. They can be used on a variety of scales, from creating fake social media accounts, to booking tickets to a popular concert, to staging a large-scale distributed denial of service (DDoS) attack . This can disrupt the operations of everything from banks to government websites. Given the risk, there needs to be some way to differentiate malicious bots from real, well-intentioned users. That's where CAPTCHAs come in.

The Birth of CAPTCHA

Like bots and many other Internet innovations, CAPTCHAs originated in the hacker community. Back in the 1980s, hackers invented leetspeek to bypass security on Internet chat forums. Leet is a method of converting words into lookalike characters or abbreviations that computers can't understand, it's a lot like today's teen language, for example:

  1. leet > I33t
  2. censored > c3n50red
  3. p0rn or 53x

In the days before Google, websites were manually submitted to search engines. While submitting URLs helped expand the database, some people used bots to spam search engine servers in an attempt to manipulate search engine ranking algorithms.

In 1997, to prevent fake/automated website submissions, AltaVista (a popular search engine at the time) implemented a CAPTCHA-like system that requires users to enter a series of distorted characters into a text box. This type of CAPTCHA is still commonly encountered when registering a new account or submitting information on the internet, it is based on three principles:

  1. Humans can more easily recognize characters that are distorted, rotated, or skewed.
  2. Humans can more easily separate overlapping characters.
  3. Humans can more easily place characters in a visual context to understand what they are, for example, identifying a character based on the entire word in which it appears.

What is a CAPTCHA? What types of CAPTCHA are there? Picture 1

This algorithm was developed by Andrei Broder, Chief Scientist at Alta Vista, and then perfected by researchers at Carnegie Mellon University (led by Luis von Ahn (aka Big Lou)) in the early 2000s.

In 2003, von Ahn's team published a pioneering paper describing different types of software programs that could tell humans apart from computers. They also coined catchier acronyms.

reCAPTCHA appears

As CAPTCHAs became more and more prevalent in Internet security, Luis von Ahn felt that humans were wasting too much time solving these image puzzles. In a 2011 TED Talk, von Ahn estimated that humanity as a whole wasted 500,000 hours every day typing CAPTCHAs.

When asked if there was a way to make CAPTCHA more robust and meaningful, he developed reCAPTCHA, which was later sold to Google in 2009. Today, there are a number of projects and companies (including Google Books, the Internet Archive, Amazon Kindle, and The New York Times) that are scanning and indexing large numbers of books, documents, and images for use on the web with the help of reCAPTCHA.

reCAPTCHA works by taking words that are not recognized during scanning and presenting them to the user, next to a known word for the user to interpret. By correctly typing in the known word, you are confirmed as a human and the reCAPTCHA system is confident that you have correctly digitized the second word. If 10 other people give the same answer to the unknown word, the system assumes that you entered the correct word.

What is a CAPTCHA? What types of CAPTCHA are there? Picture 2

reCAPTCHA has helped digitize millions of books every year and has also expanded to support other efforts like digitizing street names and numbers on Google Maps or recognizing common objects in photos for Google Images. If you want to learn more about this form of CAPTCHA, you can read TipsMake's article The Secret Behind the Free Program reCAPTCHA .

What is a CAPTCHA? What types of CAPTCHA are there? Picture 3

Visual CAPTCHAs aren't the only form, there are also audio for the visually impaired (often distorted to prevent speech recognition software), text questions that computers can't understand, or PiCAPTCHAs, which consist of a series of images and require the user to select them in a certain order.

I'm not a robot appeared

Von Ahn is pleased with the new version of reCAPTCHA and thinks it will last forever because 'there's a lot of printed text.' But this is the Internet age, and many things we take for granted online may one day disappear. CAPTCHA systems are no exception.

CAPTCHAs are not unbreakable. In 2014, Google's analysis showed that artificial intelligence could solve the most complex CAPTCHA and reCAPTCHA images with 99.8% accuracy.

Google has created a new system called No CAPTCHA reCAPTCHA: I'm not a robot, which relies not on a user's ability to decipher text, but on their online behavior before passing the security checkpoint. Once a user is on the page, the algorithm looks at how they interact with the content to decide if they are a human or a robot.

What is a CAPTCHA? What types of CAPTCHA are there? Picture 4

Specifically, Google will analyze your behavior before, during, and after clicking the checkbox to determine whether you have traits that appear human. This analysis can include everything from your browsing history (a malicious bot doesn't necessarily watch a few YouTube videos and check Gmail before signing up for a bank account) to how you move your mouse around the page.

If Google is still unsure whether you are a human, after clicking the checkbox you will be presented with a visual reCAPTCHA (with words, street signs or images) as an additional security measure. This multi-faceted approach is necessary as computers become more adept at recognizing complex images and with the rise of CAPTCHA farms (where large numbers of workers are paid to answer CAPTCHA puzzles).

The war between security experts and spambots will probably never end. One day, No CAPTCHA reCAPTCHA may be bypassed and replaced by other technology. When that happens, always be vigilant.

4.5 ★ | 2 Vote

May be interested