The History of CAPTCHA: How it Appeared and Changed
CAPTCHA means an automated test that allows you to identify robots, bots, hacker software, and viruses that imitate people online. Basically, these are simple tasks or tests that a person can easily solve, but for a computer program it will be very time-consuming and complex (and, ideally, unsolvable).
CAPTCHA is those twisty images that you have to identify when registering on websites and certain other activities. Before each new registration, everyone understands that they will meet with a test of their humanity.
In this article, we’ll look at why a CAPTCHA is needed and whether it helps distinguish robots from people on websites.
Ransomware cases have grown by several times. You should protect yourself within the network.
Part 1: The History of CAPTCHA
How did CAPTCHA appear?
There is an opinion on the web that Google invented CAPTCHAs to train the artificial intelligence that controls drones.
Google spies on you constantly. Find out all the details here.
The CAPTCHA is based on a Turing test that can distinguish between a human and a robot. It first appeared in 2000, when an unusual interface control was successfully implemented that could distinguish a user from a bot for the first time. At that time, bots on the network were still in their infancy, but prudent developers had already begun to fight them. Without additional control, bots can overload servers and lead to failures that block the resource for real users.
For example, in 2000-2004, it was easy to force a bot to register thousands of fake pages or completely spam a forum with messages.
To prevent such situations at Carnegie Mellon University, a script was written that requires the user to enter characters from an image. It is easy for human users to recognize letters at different angles or with distortions, interference, curvatures, different fonts, etc. However, the random distortions make it impossible for computers to identify the text in the pictures.
With the help of such an elementary barrier, it was possible to reduce the load on common resources. It also became possible to protect yourself from fake pages and other robot activities.
How did CAPTCHA become useful?
Over time, the CAPTCHA became too common, and there were frequent complaints about the need to constantly input these characters. Nevertheless, there were aspirations in the community to find a worthy application of the technology.
In 2007, reCAPTCHA appeared for the first time, which gradually replaced the simple image. After clicking on the action confirmation button, images from old newspapers or photos from non-digitized media are displayed. These are mostly scans of old issues of The New York Times.
With the advent of this new technology, the audience no longer needs to decipher incoherent text characters. Instead, we’ve become involved in the digitization of the press from the last century. At the same time that we verify our humanity, we perform confirmation of scanned words from the newspaper.
*Note: Every day, internet users help to decipher 100 million words.
The development of bots also did not stop. Over time, they became smarter and learned to recognize reCAPTCHA text codes. So, Google developed a new algorithm to combat the new threat — graphic questions. The idea is to identify specific images among the nine: cats, cars, shop windows, fruits, road signs, etc.
The technology turned out to be even more effective, and it is easier for people to pass the test. As a result, the frustration of glaring at blurry text CAPTCHAs has gradually become a thing of the past.
In the latest version of reCAPTCHA, a person only puts a checkmark in the “I am not a robot” window, and the verification process is often completed. The verification algorithm is reduced to the analysis of the cursor movement. The bot always determines the shortest path and goes in a straight line.
Find out Google data tracking issues.
Part 2: The main CAPTCHA functionalities and work principles
Why do we need CAPTCHA?
The CAPTCHA is needed primarily by site owners — for ordinary users, this is just a minor hassle. The security program is installed to weed out bots that want to get to the site for different purposes. Let’s take a closer look at how the CAPTCHA helps to cope with bots.
- Protection against spam. Bots can send out ads, leave spam comments and reviews. If you have a large site and do not want to clean it all manually, a CAPTCHA will help.
- Protection against DDoS attacks — when a lot of requests are sent to the site at the same time, which the server cannot physically process, the site will collapse. A CAPTCHA can contain this flow.
Learn more about DDoS attacks here.
- Protection against brute force attacks, or the identification of usernames and passwords. Sooner or later, a person will get tired of guessing at usernames and passwords to hack a website. But the robot can do this indefinitely, and very quickly, and sooner or later generate suitable ones if it is not stopped in time with the help of a CAPTCHA.
- Protection against interception of goods in online stores. This is often practiced during sales and promotions on the site: bots imitate the actions of users and “buy” all goods, intercepting them from real users.
- Protection against data parsing. From experience, we can say that in this case, the CAPTCHA does not always work well — good parsing services have appeared. There is no critical harm from parsing for the site, but competitors will receive important information that is not intended for their eyes.
All types of network attacks are listed here.
Types of CAPTCHA
Today, there are quite a few varieties of CAPTCHAs. But the most famous ones are the following:
#1 Graphic. To pass the test, the user must specify the numbers, letters, and other symbols shown in the distorted picture (this is done specifically to complicate the task for the bot.)
#2 Sound. It consists in recognizing the text that sounds on the audio. It is also intended for those users who have vision problems.
#3 Figurative. The user must recognize certain images.
#4 Video. The background with the characters are moving.
How does the hidden Google reCAPTCHA work?
Invisible reCAPTCHA is now being widely implemented. When using a new reCAPTCHA, the user does not have to choose the image numbers that meet the established criteria. There is no need to check the box, pass special tests and complete tasks. How does the new Google recognition system work in this case?
Even private mode can’t save you from Google surveillance.
The improved version of invisible reCAPTCHA tracks the behavior of site visitors. It pays attention to many points, for example, on the specifics of interaction with each page of a web resource, on the nature of the mouse cursor movement on the screen and other actions. Each analyzed factor is assigned a score from zero to one based on how suspicious the action is.
The total value of all the scores (the final test result) will determine whether a person or a robot will have to enter a standard reCAPTCHA.
Disadvantages of CAPTCHA
CAPTCHA is inconvenient for the user:
- It is inconvenient when you have to peer into an illegible set of letters and numbers, and if an error occurs, start over.
- It is inconvenient that it is easy to make a mistake: it is difficult to distinguish the letter “O” from the number “0.”
- It is inconvenient that the CAPTCHA can’t remember that “I’m not a robot,” and it appears repeatedly.
Entering a CAPTCHA is always an unnecessary action, from the point of view of the users, who want their interaction with the site to involve a minimum of clicks. Accordingly, the CAPTCHA on the site worsens usability, and at the same time, the conversion rate.
For instance, let’s imagine a user has selected a product in an online store, is already ready to buy it, and at the last stage, they are asked to enter a captcha during registration. If the captcha is complex, they may well leave the site forever.
What should you do if the CAPTCHA is constantly found on different sites?
If you constantly see a CAPTCHA while surfing the internet, and it has managed to annoy you, then get rid of it. There are simple solutions that will help you eliminate this annoying problem.
1. The best option is to order the “dedicated IP address” service from your provider. The cost of the service depends on the specific internet provider — the region where the service is provided also matters.
IP logger removal guide is here.
2. Another ready-made solution is registering as a customer on any CAPTCHA decryption service and creating a task. Then, legal entities can use the services for solving images.
3. If you use special extensions to block ads, trackers, and attendance counters, then try turning them off for a while. After that, CAPTCHAs should not bother you anymore.