A CAPTCHA (“Completely Automated Public Turing test to tell Computers and Humans Apart”) is a challenge response test that is commonly used in computing to ensure that a responder to a test set by a server is a human, and not another computer. Typically, humans have no difficulty with passing the test, but computers do have difficulty, because the test typically requires cognitive abilities that the other computers do not have. Therefore, if the test is passed, the server presenting the test presumes that the respondent is human. The server may then allow the respondent access to a protected computer resource associated with the test.
A typical use of a CAPTCHA is when a user wishes to access an internet resource, for example a database on a server. Before the user can access the database, a test is presented. If the user passes the test, access to the database is allowed. If the user fails the test, access to the database is denied. Captchas may therefore be used to deter automated access attack requests on web services. However, if a computer can respond correctly to a CAPTCHA, the computer can access the protected computer resource. An example of a use of a CAPTCHA is for websites that provide free email address accounts. Typically, such websites are attractive to spammers, who are interested in opening multiple email address accounts from which to spam from. In this example, a registration process protected by a CAPTCHA is useful to deter automatic acquisition of email address accounts.
Existing captchas are fallible, because cracking algorithms have been developed for computer programs to solve such tests developed to date. New captchas can be cracked unless the test is so complex that the cost of cracking becomes prohibitively high.
An example of a prior art CAPTCHA requires a human user to confirm a set of symbols in a CAPTCHA image that has been presented to the user. Typically, the CAPTCHA image comprises a set of distorted symbols and backgrounds, and therefore the CAPTCHA tests whether the user can recognise the distorted symbols. Typical distortions include an angled line over the symbols, or the crowding of the symbols together, so that image segmentation analysis is difficult for a cracking algorithm. However, although such analysis is difficult, it is not impossible. It is also difficult to present a text in a way that is easily recognisable by human while being difficult to recognize by a machine. The approach is based on the human ability of recognising single characters. It is not applicable to use for users that do not use characters of an alphabet used by the system, which is often Latin script. However, graphical transformations of non-Latin characters may make them harder to interpret. Systems requiring entering the text can also cause accessibility problems for people using keyboard less devices.
Another example of a prior art CAPTCHA requires the user to select a CAPTCHA image that has a particular property, from a set of CAPTCHA images that do not possess that property. For example, the property may be that the CAPTCHA image represents a word in a particular language. A cracking algorithm could resolve this by image segmentation to identify each word represented by the CAPTCHA image, and a comparison of each word with words in a dictionary. An example of a selectable CAPTCHA is described in US Patent Publication 2009/0235327 A1 (Jakobsson, B M, et. al. “Selectable Captchas”).
An alternative example of a prior art CAPTCHA requires the user to answer a question about the relative locations of a number of objects depicted in the CAPTCHA image 650. For example, a CAPTCHA image 650 may present four commonly recognisable objects. The user may be asked to name the object that is above another object. A cracking algorithm could resolve this by identifying the objects using common object recognition algorithms.
Therefore, there is a need in the art to address the aforementioned problem.