Menu Close

Why are CAPTCHAs everywhere? – What is the main purpose of using Captcha?

When entering credentials on websites like signing up for accounts, you might be asked to copy a series of words or a math sum to continue and even “I’m not a robot” checkbox”. While most of the time this is a quick step before you can continue your activity, many people wonder what a CAPTCHA is? And what is its purpose?

What does CAPTCHA mean?

Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). With just the full statement of CAPTCHA, one is able to understand partially what it means. But let me make you understand it more. It was introduced to differentiate between genuine users(humans) and bots. You may not know what CAPTCHA is, but you have certainly used it many times before.

Major Purpose of CAPTCHA

CAPTCHA is actually a very important tool for protecting websites against bots and automated hacking tools by determining whether the user is real or a spam robot. Bots are not necessarily robots as someone would think but they are self-driven programs like Siri or google assistant that is told what to do and does it automatically. automated processes such as worms would have a much harder time solving the CAPTCHA.

How Does a CAPTCHA Work?

Alan Turing, known as the father of modern computing not mistaken for Charles Babbage father of computers, proposed this test as an experiment to see if machines could think or appear to think like humans. The Turing Test is based on imitation. An interrogator asks two participants a series of questions. One of the participants is a machine while the other is human. The interrogator does not know which one is which and attempts to guess which participant is a machine. If the interrogator fails to figure it out, the machine has passed the Turing Test.

CAPTCHA is used to prevent bots from automatically submitting forms with Spam or other unwanted content by generating tests or puzzles that humans can pass, but bots can’t, they stretch or manipulate letters and numbers and they rely on the human ability to determine which symbols they are.  These involve asking users to identify letters that are distorted so that bots are not likely to be able to identify them. To pass the test users have to interpret the distorted text, type the correct letters into a form field, and submit the form. Such tests are common in login forms, account sign up forms, online polls, and e-commerce checkout pages. The idea is that a computer program such as a bot will be unable to interpret the distorted letters, while a human being is used to seeing all kinds of context, different fonts, different handwriting to mention but a few will usually be able to identify them. The best that many bots will be able to do is to input some random letters making it statistically unlikely that they will pass the test.

Forms of CAPTCHAs

captchas
forms of captchas

Secure images: Images are distorted randomly when presented to the user. With minor distortions, the image is more vulnerable to automated attacks.

Unique CAPTCHAs: If every site used similar CAPTCHA codes, hackers could catch on and create bots that would bypass this test. That’s why it’s important to change the type of CAPTCHAs every so often and avoid common mathematical equations such as 1+1.

Script Security: In addition to making sure your images are unreadable by computers, you should also ensure that there are no easy ways around the script level.

Conclusion

Although captchas are designed to block automated bots, captchas are themselves automated and are programmed to pop up in certain places on a website, and they automatically pass or fail users. This is getting more and more difficult to decode for humans as the bots are getting better at it. Advanced bots are able to use machine learning to identify distorted letters and malicious apps are very good at completing forms automatically, so these kinds of captcha tests are being replaced with more complex tests like Google reCAPTCHA developed a number of tests to sort out human users from bots. Google and other companies use reCAPTCHA to prevent bots from creating multiple Gmail accounts. It involves the use of images as a text as used by twitter and bots are not so good at decoding the text hidden in images thus bots fail the test and are blocked from interacting with the website or application while humans are able to continue using it like normal. We recommend a website that creates one for you such as reCAPTCHA from Google. In order to keep your device safe in addition to CAPTCHA

for more information about this topic refer to googles blog here.