CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are often used to ensure that information submitted to a computer system was submitted by a human rather than a computer. A CAPTCHA is a type of challenge-response test used to ensure that a response is not generated by a computer and are commonly used to prevent automated software from performing actions which can degrade the quality of service of a given web portal, whether due to abuse or resource expenditure. The authentication process usually involves the system requesting a user to complete a simple test which the server system is then able to generate and evaluate. Assuming attacking computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. The most common type of CAPTCHA in use requires the user enter letters or digits from a distorted image that appears on a display screen.
CAPTCHAs are being designed to be more difficult for an attacking system to solve, but even these methods remain susceptible to a human-computation attack. Large scale implementation of human-computation attacks often utilizes “human CAPTCHA farms”. These “human CAPTCHA farms” are employed to solve the CAPTCHAs displayed on a webpage, while the attacking system automatically fills in and submits the rest of the webpage. One way to reduce the effectiveness of these “human CAPTCHA farms” is to increase the difficulty for an attacking system to separate the CAPTCHA piece of a webpage from the remainder of the form using an automated process. This can be achieved either by disrupting the process by which CAPTCHAs are queued up to be solved by the “human CAPTCHA farms”, or by integrating the CAPTCHAs more tightly with the rest of the webpage. By reducing the throughput of these systems, the economics behind the “human CAPTCHA farm” can be adjusted so that it is not worth the time or money to solve CAPTCHAs.
It is in this context that embodiments of the invention arise.