With increase in use of World Wide Web for accessing information, lot of security concerns are associated with a user who is accessing the information. Internet bots perform repetitive tasks to access particular website or information from a webpage and the internet bots are usually used for malicious purpose. Therefore, authenticating a user interaction by generating random authentication tasks has become a common practice.
In order to distinguish between a human user and automated computer accessing information, generally Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) are used so that humans can respond to the CAPTCHA test and access the information. In general, the CAPTCHA tests are designed in such a way that computers can generate the test but computers will have difficulty in solving the test so that when correct answer is received, it is understood that human would have entered. Usually CAPTCHA test requires the user to read and enter the letters or digits from a distorted image which appears on screen to pass the test which gives access to a website or a webpage.
Currently all the CAPTCHA generation techniques are random in nature and they assist in accessing the information on a webpage by human and not by automated internet bot. The problem associated with the current practice is that they do not provide any assurance over data integrity once the CAPTCHA test is passed. Further, weak algorithms which are being used to generate CAPTCHA test gives hint on hacking the next pattern.
Although the currently available CAPTCHA tests provide security to some extent, at times, they are too complex for a user to read which results in bad user experience.
Another problem associated with the currently available CAPTCHA test generation is that CAPTCHA services that are used are from third party sources. If the third party services are down then the user cannot access the information on the webpage.
Therefore, there is a need of an authentication system and method which is capable of generating such authentication tasks by which a user could be easily differentiated from a machine. The system should also checks for data integrity by using strong algorithm. Further, generating authentication test should produce unique pattern which is easy to read by the user.