Completely automated public Turing test to tell computers and humans apart (CAPTCHA), also known as verification code technology, is a completely automated public program to determine whether a user is a computer or a person. In a CAPTCHA test, a computer serving as a server automatically generates a question for a user to answer. Since the computer usually can not answer the CAPTCHA question, a user who answers the question may be identified as a human. Using verification codes can efficiently prevent malicious behaviors, such as cracking passwords violently, brushing tickets, and adding water in forums via automated programs.
Presently, the most common verification code is a what-you-see-is-what-you-get verification code. A typical example of the what-you-see-is-what-you-get verification code is a character verification code and a puzzle verification code. Fundamental principles of a conventional character verification code are described below. A server provides an image X, and the image is usually generated automatically by the server according to rules. A user observes the image X, searches for numbers, English characters, or Chinese characters Y in the image, and provides numbers or characters Y understood by the user to the server. The server compares Y inputted by the user with an answer Y′ corresponding to the original image X. If Y is consistent with Y′, it is determined that the current user is a human user, and if Y is not consistent with Y′, it is determined that the current user is a non-human user.
For conventional character verification codes, as long as enough samples are collected and OCR (Optical Character Recognition) technology is used for learning and training, available automaton programs will be soon developed to recognize the conventional character verification codes. To resist recognition of character verification codes by an automaton, a common practice at present is to add various interfaces, such as rotation, distortion, deformation, or interference lines. However, as interfaces added into verification codes become increasingly complex, it is increasingly difficult for a human user to recognize the verification codes with the interfaces, resulting in an increasingly decrease of the recognition accuracy of verification codes.
Therefore, as the artificial intelligence technology, such as deep learning or sparse coding becomes mature, the precision of OCR becomes higher and higher, and the effect of anti-crack for automatons by means of merely image interference is not very efficient. As a result, the recognition accuracy of verification codes continuously decreases and the verification efficiency becomes lower and lower.
To improve user's experience, puzzle verification codes are proposed. A user clicks and rotates a corresponding small picture, and splices the small picture into a corresponding position to distinguish him from an automaton. Compared to conventional character verification codes, puzzle verification codes can bring a good user's experience, but increase the cost, for the puzzle verification codes require a picture library with a large data volume. In addition, the selected picture is basically ten times the size of a conventional character verification code (generally, the size of a conventional character verification code is smaller than 4 KB, and the size of a puzzle verification code is greater than 40 KB). Therefore, either the network transmission rate or the production rate of puzzle verification codes is slower than that of character verification codes. It sometimes takes a long time to get a puzzle verification code for a user on a mobile terminal.
Compared to conventional character verification codes, puzzle verification codes are merely image verification codes, and information, such as a splicing position and a splicing direction can also be recognized by means of image recognition technologies. Therefore, the anti-crack capacity is not high.