Slashdot Mirror

← Back to Stories (view on slashdot.org)

CAPTCHA Busted? Company Claims To Have Broken Protection System

Posted by samzenpus on from the spell-this dept.

sciencehabit writes "A software company called Vicarious claims to have created a computer algorithm that can solve CAPTCHA with greater than 90% accuracy. If true, the advance would represent a major breakthrough in artificial intelligence. It would also mean that the internet will have to start looking for a new security system. The problem, however, is that Vicarious has provided little evidence for its claims, though some well-known scientists are behind the work."

3 of 141 comments (clear)

  1. Re:90% by heypete · · Score: 5, Interesting

    They probably are worried about bad guys using the payment system in an attempt to verify stolen credit cards by making seemingly-routine purchases that would not seem out of the ordinary and thus would not trip anti-fraud measures.

    A small company I used to work for was abused by credit card thieves in this way, and dealing with the fraudulent charges and the resulting chargeback fees was the top non-salary cost for a few months (exceeding even the colocation costs). The problem existed because they allowed users to create either a free or paid account for the service and, if they selected the paid account, they could enter the card information on the sign-up page. Later, they changed it so users would need to create a free account (which required a captcha) and then upgrade it to a paid account in the account settings. Fraudulent charges dropped to essentially nil after that.

    If the phone company requires only the invoice number and credit card data to pay a bill (rather than having you create an account, log in, and then pay the bill) then it's likely they're dealing with a similar problem.

  2. Re:Captcha is a security system? by slim · · Score: 4, Interesting

    Security is often annoying. Entering passwords is annoying. Getting RSA keyfobs out of your pocket is annoying.

    When it's used to protect against brute force password attacks, a captcha is definitely a security mechanism.

    When it's used to discourage spam, well, it's on the edge of the fuzzy area most people understand by "security". It's protecting the availability of a service, against the threat of spam making it unusable.

  3. Semantic capthas? by davidwr · · Score: 4, Interesting

    [imagine this as a captcha graphic]
    Spell last month.

    Or this:
    [image]
    Type the one that flies:
    England Turkey Russia

    Or this:
    [image]
    Type the word for
    2 + number of days in a week

    Or just to confuse things, split the "challenge" into code + html:
    [image]
    2 + number of days in a week
    [html] What is the number above minus 4, as a word: ___

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.