Trust is an asset in web-based interactions. For example, a user must trust that an entity provides sufficient mechanisms to confirm and protect her identity or other confidential information in order for the user to feel comfortable interacting with such entity. Further, an entity that provides an online resource must be able to block automated attacks that attempt to gain access to the online resource for malicious purposes. Automated programs, known as “robots” or “bots”, can attempt to gain access to a web resource. Thus, sophisticated authentication mechanisms that can discern between a resource request originating from a human being and a request generated by a bot are vital tools in ensuring that online resources are protected from automated attacks and developing the necessary relationship of trust between a resource provider and a user.