The next generation of Captcha, that prove-you’re-not-a-bot staple of the contemporary internet, could revolve around not only whether users are able to respond to a given prompt, but in how they respond on a physiological level – in other words, a biometric Captcha that combines facial and speech recognition with a knowledge-based test.
Dubbed “Real-Time Captcha”, the system has been developed by researchers at the Georgia Institute of Technology, who presented their findings at this week’s Network and Distributed Systems Security (NDSS) Symposium 2018 in San Diego. Essentially, the system prompts an end user with a question, and then uses their smartphone’s camera to watch them as they answer it.
Remarkably, it’s the speed of users’ answers that authentication rests upon, as machines are actually able to respond with illegitimate video and audio. The system was tested on 30 subjects, and researchers found that while human participants could answer the Real-Time Captcha questions in a second or less, the best AI-based systems took somewhere between six and ten seconds to decipher the answer and respond with fraudulent media.
The research was aided by government funding from some considerable military entities – the Office of Naval Research (ONR) and the Defense Advanced Research Projects Agency (or DARPA). So while it’s too early to say whether the Real-Time Captcha system will find its way onto the internet for everyday users as the original Captcha has, the authentication mechanism, or something very much like it, could see some sensitive government applications as development continues.
Source: Georgia Tech News Center
February 22, 2018 – by Alex Perala