- Recaptcha tests are not particularly effective in blocking security threats, says research
- Security tests also cost millions in lost time for users
- The new ‘invisible challenges’ could be an alternative for companies
There will not be many Internet users who are not familiar with captchas, or ‘completely automated public disturbance test to indicate computers and humans’, common use tests that give access to websites, often asking users Let them click ‘Image with a traffic light’ or such.
Well, it turns out that everyone’s small favorite inconvenience is not even effective in preventing Bot traffic, since a study called “stunned and confused: a study of users of recaptchav2 users of the real world on a large scale has discovered that the Tests have wasted millions of time for Internet users, but also generated an estimated $ 888 billion in monitoring cookie data for Google.
The tests are practically inevitable, and are so widespread that users have spent approximately 819 million hours solving them, although each test leads researchers an average of only 3.53 seconds to complete. The bots are increasingly capable of solving captchas, and the tests can become obsolete, this is what we know so far.
A farm farm for profit?
The report indicates that there are two common test types, captcha and recaptcha: the first are the text -based challenges where users deciphered the scrambled characters, and the second is a more advanced approach based on images that obtains Google Street images View, and in which users are asked to select the image, including a bicycle, for example.
When Google acquired recaptcha in 2009, he used technology to improve Google Street View through photo processing of the house numbers and street signs, and to digitize Google’s books.
But the captchas are no longer suitable for their purpose, or at least, not in the way they used to be. The development of new AI tools means that captcha tests can be resolved by bots, making them almost completely obsolete, but only for the apparent Purpose of technology.
For only 2010, there were automated services that could solve the images of tagging of image with a accuracy of 100%, so the recaptcha tests are inadequate as a security challenge.
What this study reveals is that it recaptcha ‘broadly monitors user users cookies, browse history and browser environments, which can be used to track users and advertising.
The study continues to explain the tests: “It would not make sense as a security service, but it would make sense since obtaining tagged image data is very valuable and is even sold by Google.”
Legitimate challenges not only not only protect users, but investigators have observed the false pages of captcha used to spread infesting malware, presenting a serious risk for offsembled surfers,
“Given the flagrant vulnerability, the ease of implementation of large -scale automation and the use of invasive privacy cookies of Cookies Recachav2 is presented as a complete vulnerability disguised as a security tool,” the study confirmed.
However, it is not just the lost time, and as with all the internet activity, the captchas use energy: 7.5 million kWh, or 7.5 million pounds of CO2 to be precise,
This leads us to the “true purpose” of the captcha tests. These tests could be obtaining great profits for Google, which have potentially won $ 8.75-32.3 billion dollars for each sale of its total labeling data set;
“The conclusion can be extended that the true purpose of Recachav2 is a free labor that marks the image and monitoring of the cookies farm for advertising and data gains disguised as a security service.”
An ‘invisible’ alternative
It is undeniably important that companies verify if users are human or bots, protect against ddos attacks, data scrapers, resellers and more. So, if Captcha is not an effective security measure (and it is quite annoying for users), what are the alternatives?
Well, for now, Captcha is practically inevitable for anyone who sails online. However, there are alternatives for companies, which can move from tests to something safer and easy to use.
Now there are ‘invisible challenges’ that provide a much easier to use security solution for websites, with better data accuracy and adaptability. These work through the use of complex algorithms and behavior analysis to distinguish between humans and bots, all without the need for explicit user interaction.
While these invisible challenges do not necessarily spend the end for a need for captcha, they can be combined with traditional captcha tests to offer a much more perfect experience and provide more solid security for commercial websites.
To help maintain their safe networks against Bot attacks, we have also presented the best Firewall software, which will help you act as a shield around your network infrastructure, and many will block harmful files before you can install and damage your system.
