At some point, we’ve all had to click the “I’m not a robot” button to complete a task or purchase. You know, the square box you click on a website to prove you’re not a bot? That’s a CAPTCHA.
Created in the year 2000 by computer scientists, CAPTCHA was the internet’s first defense against bots. The purpose of CAPTCHA technology has remained the same throughout the years: to only allow human users through, not bots. However as fraud has evolved, CAPTCHA has lost its edge.
Why CAPTCHA Doesn’t Work
A CAPTCHA solution looks like a great, but it’s really not as powerful as it appears. Not only is it disruptive for real users, it doesn’t always stop bots. CAPTCHA is by-passable, meaning it isn’t exactly a fool-proof option. Many platforms, even Google, have phased out CAPTCHA. In fact, it’s not even a requirement for e-signatures anymore.
Source: Marci Robin
CAPTCHA solutions were meant to stop spam bots by generating tests that only humans could solve. But thanks to advances in technology, bots can now beat CAPTCHA. While CAPTCHA is great in theory, it’s outdated. A.I. has been beating CAPTCHA solutions since 2013 when Vicarious created a computer software that’s able to beat CAPTCHA with human-like precision.
Related Post: They're Getting Smarter: A.I. Is Beating CAPTCHA Tests
Fraudsters are constantly coming up with new ways to get past barriers. So inevitably, they will be able to break a CAPTCHA using new computer technology or human click farms.
Humans will always be able to solve CAPTCHA, so fraudsters utilize click farms that provide low-cost human labor. One company, 2Captcha, pays an average of .17 cents for every one-thousand completed tests, which could take one to three hours.
Working an eight-hour day, workers can generate over 8,000 CAPTCHA solutions which will then be sent to 2Captcha’s paying customers e.g. the fraudsters, who pay as low as .85 cents for 1,000 solved CAPTCHAs.
Related Post: What’s Really Happening Down on the Click Farm?
CAPTCHA can block less sophisticated attacks, but if you’re still getting spam, you may need another solution.
As technology evolves, so do fraudsters. That’s why you need a reliable solution against bots. There are a variety of alternative techniques you can use like honeypots, verified sign-ins, or timestamps.
CAPTCHA Solution Alternatives
Designed to capture bots without human users noticing, honeypots are a hidden form field that humans can’t see but bots can. They’ll immediately complete the form, letting the website owner know the user is actually a bot.
The only complication with this method is that humans using a screen reader software will see the form, and then likely fail the test. You could label the field explaining its use, so real visitors know to leave it blank.
2. Verified Sign-In
This requires users to sign in with an account like Google or Facebook. If the visitor has one of these accounts, they must be human. One drawback to this method is that not all users will be comfortable inputting their information.
3. Time Stamps
Bots can fill out forms almost immediately, whereas humans take longer to read each field and then input information. Using a timestamp will measure how long a user spends filling out a form so you can verify them based on that information.
While these methods will help mitigate fraud, an ad fraud protection solution is your best defense against fraudulent traffic. Investing in an ad fraud solution that focuses on performance and real users will keep your brand safe from spam, filtering out fake users and bots.
Source: Meme Guy
Ad fraud is an arms race. Each time new technology is created to keep fraudsters out, they will find a way around it. As technology evolves, you need to strengthen your security, too.
Related Post: Will Facial Recognition Bring the End of CAPTCHA?
Fraudsters are always working to stay ahead of new innovations. The truth is you can’t rely on CAPTCHA tests to keep the bots out. Instead, you need an ad fraud protection solution like Anura that can safeguard you and your brand against bad traffic.