Google Kills the CAPTCHA, Sort Of

Google aims to address the issue of annoying CAPTCHAs. The tech giant's new NoCAPTCHA reCAPTCHA will give users a checkbox to mark instead.

Google Kills CAPTCHAs

Anyone who has tried solving a CAPTCHA knows how frustrating the experience can get sometimes. The increasingly distorted text and audio used by some CAPTCHAs to confound sophisticated spambots and other automated software programs can just as easily stymie humans.

Google is hoping to address that issue with its new "NoCAPTCHA reCAPTCHA," a widget that it claims simplifies CAPTCHAs by doing away with them entirely—sort of.

Instead of having Internet users confirm that they are human each time by filling out complicated CAPTCHAs, Google's new widget will just ask them straight up if they are robots, programs or not.

"On Websites using this new API, a significant number of users will be able to securely and easily verify they're human without actually having to solve a CAPTCHA," Google Product Manager Vinay Shet wrote in a blog post Dec. 3.

Instead, they will be presented with a short message that asks them to tick a checkbox captioned "I'm not a robot."

By simply clicking on the box, a majority of users will be able to confirm they are not robots, thanks to a sophisticated Google risk analysis engine running in the background, Shet wrote.

"While the new reCAPTCHA API may sound simple, there is a high degree of sophistication behind that modest checkbox," he said.

Over the years, robotic programs have become increasingly adept at beating even the best CAPTCHAs. Google's own research has shown that current-generation artificial intelligence technology can decipher even the most complex CAPTCHAs with more than 99 percent accuracy, Shet said.

"To counter this, last year we developed an Advanced Risk Analysis backend for reCAPTCHA that actively considers a user's entire engagement with the CAPTCHA—before, during and after—to determine whether that user is a human," he said.

The risk engine allows Google to consider other factors, besides a user's ability to correctly type distorted text in order to spot an automated bot program. In situations where the new API is unable to correctly predict if an Internet user is human or a bot, it will present a CAPTCHA.

Among the early adopters of the new widget are Snapchat, WordPress, Humble Bundle and several others, Shet said.

The blog does not offer many details on the risk analysis process Google uses to differentiate between a bot and a human.

A Google spokeswoman said the company could not share a lot of detail on the specific cues that are used in making the determination because scammers would benefit from it.

Google's Risk Analysis Engine has extensively analyzed the manner in which humans interact with their computers and has created a model for how humans interact with a CAPTCHA. When a new visitor arrives at a CAPTCHA-protected Website, the risk engine compares the new interaction with its model of human interaction to arrive at a prediction.

One way it has done that till now is to have users type in distorted text. The checkbox is a user-experience improvement, especially for mobile users, she said. The same technology has also allowed Google to dramatically simplify audio CAPTCHAs so blind users can solve them more easily, the spokeswoman said.

Jaikumar Vijayan

Jaikumar Vijayan

Vijayan is an award-winning independent journalist and tech content creation specialist covering data security and privacy, business intelligence, big data and data analytics.