Why is Captchas Getting so Hard to Decipher?

If you have completed any kind of application or form online that require authenticity authorization you have most likely encountered a Captcha. Captchas require Internet users to type in a word, an alpha numeric character set, or a set of numbers that are displayed as images, sometimes against distorted backgrounds, or the letters may be morphed; to gain access to a website. Captchas were originally designed to deter automated data harvesting bots. Captcha is the acronym for; completely automated public Turing test to tell computers and humans apart.

As automated data harvesting bots became smarter, able to decipher the Captcha automatically, the Captchas had to become more complicated. This presented two problems, the more complex Captcha can become to difficult for humans to decipher, and that spammers have enlisted a hive mind network of humans to attack Captchas. Data harvesting bots scrap information from web sites, redesign it and post it as their web site information, some harvesting bot owners sell the information they scrape, while others data warehouse the scraped data. Spammers bypass Captchas' to avoid automate sign up for web site services, enabling them to sign up for numerous accounts fast. These Captcha bypass techniques cost Internet site owners millions of dollars annually in lost revenue.

To deter spammers further, an implicit Captcha process has been proposed. Designed by Jon Bentley of Avaya Labs and Professor Henry Baird of Lehigh University, implicit Captchas would require a number of tests be administered which the visitor has to interact with during their website visit and browsing experience. The test may require the site visitor to click on an object in and image to be forward to another page. Successfully navigating through these implicit Captcha would confirm that the surfer is probably a human at the keyboard. The efficacy of this process is yet to be tested in a production environment. The underlining theory of the implicit Captcha process is the test would require so much human attention and interactivity that it would no longer be cost effective for professional spammers to employ a net of Captcha breakers.

Luis von Ahn, a Captcha developer and professor at Carnegie Mellon believes if the Captcha system was dropped, disbanded, forgotten about, web site authenticity authorization totally eliminated, then every web site connected to the Internet would be open to total pilferage by automated data harvesting bots and spammers. Everything would be a mess. There does not appear to be any indications on the radar for the elimination of the Captcha system. Von Ahn believes Internet Web surfers should accept the value and importance that Captcha provide and muddle through even the complex and difficult Captchas.

Resource: The Captcha Arms Race - Technology Review - March/April 2009