Video Captchas are Hard for Computers to Understand but Easy for Humans

A new company called NuCaptcha provides animated video captchas it says are much harder for OCR-based programs to crack than static captchas, but lots easier for humans to figure out. While at the 2012 RSA conference, Timothy Lord pointed his camcorder at NuCaptcha CTO Christopher Bailey, and had him explain how video captchas work and how the company makes money. The video includes demos of the video captchas so you can see what they look like (and the company's website has lots more video captcha examples).

Love it!

And making the captcha video longer will make the "pay some 3'rd world guy 1c to do 1000 of these" a little less feasible!

Fun to decode?

[Aladrin]

Looking at the samples on the screen as he was talking, I think those would be fun to write a decoder for... And possibly even easier than image captchas.

Why? Because they're moving, and you have a better chance to figure out the outline of each shape because of it. Also, you can use traditional techniques on each frame of the video and submit the one that has the highest confidence, and you could do that with existing tech.

Honestly, I don't see this being better than what we have.

Re:Fun to decode?

THIS THIS THIS.

They don't even bother to modify the images as they move.
Moving will give a more static object, more so by it moving frame by frame.
If it was those blurry, pixelized texts flowing over a background, it'd be considerably harder to pick out information, even better if they actually noise up the background as well.
It'd be great if they skewed, stretched and warped the image to certain extents as it moves.

I'd still rather see furry animals on a rug strip and you type the first letter for each animal. (which are listed, such as [c]at)
Face removed, instantly makes it a billion times harder to decode because computers fail so horribly at fuzzy, hairy things.
Few thousand animal pictures, stretch, skew, warp, flip, noise, rotate, scaled, you add considerably more new images you can use.
Basic rug strip, multicolored rug. Throw a few animals on it. (don't make them weirdly exotic animals, things everybody would know, 3-5 depending on behaviour analysis)
Also make sure to change the background up a little as well. Take 50 shots of it roughed up, different angles, then you can do the same processes above to a lesser extent. (in particular the rotating)
Make the animals different enough that they can be scaled to the same size and still be identified without a face, but not too wildly different.
Considering e have 3 animals minimum, if we had cat, dog, and gerbil, we'd know which the gerbil was pretty much right away, the fat hair ball, but telling the different between a cat and dog would be a bit more difficult.

Hell, combine video AND this with slight animations. (formed from randomly applying the effects on to the images above, looping them back to 0 when end is reached)
That'd make even Skynet implode. Mostly because the cute part.

Re:Fun to decode?

[HarrySquatter]

They don't even bother to modify the images as they move.
Moving will give a more static object, more so by it moving frame by frame.
If it was those blurry, pixelized texts flowing over a background, it'd be considerably harder to pick out information, even better if they actually noise up the background as well.
It'd be great if they skewed, stretched and warped the image to certain extents as it moves.

A lot of that would be easy to defeat with basic video filtering techniques like noise removal, motion compensation, etc.

They're also expensive...

[RyanFenton]

If you generate them statically (as videos), then all someone has to do is what they're already doing - put up a site with some fake content, and ask users to go through "their" capcha, telling them the human answer to that particular video, and making an index of videos to answers.

If you generate the videos dynamically, well, it won't be very scalable, because it's going to take too much processing time per user. Might work well for occasionally verifying expensive content, and it might be more useful in the future - but networks (at least in the US) take a long time to improve, on the scale of hard drive improvements, so you're bottlenecked there too.

Hybrid tricks (layering static video) end up the same as static with a little analysis.

I'd say this falls in place with automated phonecall techniques as a somewhat expensive and annoying way of verifying 'humanity'.

Ryan Fenton

They are all vulnerable to the same method

[aepervius]

Outsource the captacha. Link it to some porn , ask the user to fill the captcha in, and boum, captcha bypassed. no need to do expansive trick program analyze, just use cross site linking. At least those captcha have the merit to be readable by a human, unlike some captcha in cursive-overlapping-slanted letters where if you can answer them , you are prolly not human.

Re:Does anyone know a good app..

[John+Hasler]

EVENTUALLY all bots will be better at breaking all captchas than humans will be.

It's much worse than that. Because the botherders can tolerate a very high failure rate the bots can be much worse than humans and still be effective.

Re:Is this going to be flash-dependent?

Surprisingly it seems the answer is no.

I was all geared up to give my anti-Flash speech and NuCaptcha stunned me by presenting animated GIFs (a format with a bad history but which is now free).

I'm sure if I start digging I'll find something to dislike (NuCaptcha patenting the idea of moving captchas for example or maybe intentionally holding full copyright on captchas that they aim to embed into as many sites as possible) but the GIFs have put me in such a good mood I'm not going to try.

Well done NuCaptcha for providing useful animation to the web and not being Adobe's bitch. That puts you up there with Wikipedia!