A problem that often arises in an Internet environment is that of unauthorized or improper access to websites by robots, commonly referred to as “bots”. Bots are programs that are run on computers that automatically access a website without the need for human or user interaction. Although some bots may access a website for proper purposes, e.g., search engine spiders that are authorized to scrape information from web pages, other bots perform improper functions. For example, certain bots access websites and register multiple fictitious users for improper purposes, access websites to mine confidential user information, guess user passwords, list items without authorization on sale or auction websites, and so on. It will be appreciated that, due to the high processing power of computers running bots, a large number of unauthorized accesses may take place in an extremely short period of time. However, although unauthorized access by a user or human may still occur, it is a substantially slower process.
In order to avoid access by bots, websites may present an image-based test or CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) to a user wherein the user is required to identify glyphs, (e.g., characters, numerals and/or symbols) in the image. The user is then requested to enter the glyphs manually and a comparison is then performed to check if the manually entered glyphs match those provided in the image presented to the user (e.g., the characters and numbers match the characters and numbers entered by the user). It will be appreciated that the image presented to the user should be arranged in such a fashion so as to inhibit recognition thereof by a robot (aka, a bot).
A frequently noted method to bypass this automation prohibition is to circumvent this image-based test to tell computers and humans apart. In such a method the test is simply moved outside the specific environment running the automation sequence to a manual process. This method is simplified by the relative ease of moving an image outside of the context and specific environment for which its authors/creators intended.
For example, a party intent on committing fraud and utilizing information obtained through an automated process protected by an image based test may lift that test onto their own interface and use external labor (e.g., human operators employed by them) to solve the tests for them. Recombined with the answers to these tests the automated process could continue past the testing point unabated. As the typical implementation and environment of an image-based test are often unidentifiable, the external laborer would not necessarily comprehend that they are aiding in illicit activity.
Another alternative is a website approach where unsuspecting users are given an image-based test in order to receive a perceived benefit or service. For example where a user is requested to enter sweepstakes to win a prize or to proceed to a next group of pictures by simply answering a visual challenge presented by the image based test, where the image-based test was actually lifted from another completely unrelated website as part of a traditional test.