Stanford researchers expose audio and video CAPTCHA vulnerabilities
Tuesday, February 21, 2012/
Security researchers at Stanford University have created a computer program that can beat video CAPTCHA tests, with a success rate over 90%.
CAPTCHA tests are simple questions that appear on many online forms and are designed to be difficult for a computer programme to figure out, but easy for a person (for example, if you see an online form ask you to “type the red letters into the box below”, that’s a CAPTCHA test). They are often used to prevent automated spambots creating email accounts or posting in online discussions.
Recently, video CAPTCHA techniques such NuCaptcha have appeared on the market, and are marketed as being more reliable and secure than traditional text or audio CAPTCHAs. However, the researchers found that by having multiple frames of an image, NuCaptcha was often easier to break than traditional text or audio methods.
The news comes half a year after the same researchers announced that they could decode the audio CAPTCHAs with a 50% success rate. The purpose of the research is to identify security vulnerabilities in the methods before malicious hackers or spammers do, and suggest possible solutions to developers.