Web sites, services, and apps everywhere often require a user login before you can use the service and even once you’re logged in, there’s often an additional step you must take to prove that you are human, rather than a spam bot or other computer script up to mischief. The device is commonly known as a CAPTCHA and by one of those bizarre phraseological contrivances favored by acronym creators throughout history supposedly stands for: “Completely Automated Public Turing test to tell Computers and Humans Apart”.

A CAPTCHA might require you to type the answer to a simple question, do some arithmetic. Much more powerful and far more common are the types of CAPTCHA that ask you to type a word or a couple of words on your screen that have in some way been distorted. There are also audio-based CAPTCHAs aimed at the visually impaired. Unfortunately, spammers, scammers, and other scoundrels have found ways around each CAPTCHA generation using increasingly sophisticated optical character recognition.

An international research team, however, sees the merit in a CAPTCHA system and have now devised an image-based version that detects a human face rather than requiring any brainpower on the part of the putative user of a site. Afzel Noore, Brian Powell and Adam Day of the Department of Computer Science and Electrical Engineering, at West Virginia University, in Morgantown, USA and Richa Singh and Mayank Vatsa of Indraprastha Institute of Information Technology (IIIT) Delhi, in New Delhi, India, believe that detecting human faces can provide an additional layer of security in web-based services.

The team has devised a face-based CAPTCHA that relies on the user detecting human faces in a mixed, composite CAPTCHA image from a database of faces. Besides human faces, there are also faces of animals embedded in the CAPTCHA to impede face-detection software and bots, and the faces are distorted, by blurring, pixelating and adding noise, to make it even more challenging. The researchers have carried out an extensive experimental study on this approach and compared it with conventional CAPTCHA approaches. The images are visually distorted and randomly placed on a noisy background. To successfully solve the CAPTCHA, the user must correctly click on all human faces. Simple as that…for a human.

The team found that the distortion and processing make it almost impossible for face-detection software to accurately select all the human faces embedded in the CAPTCHA image, while real people can generally identify them with relative ease. Bots manage several percent accuracy for each face in the montage whereas a person will average over 98 percent accuracy, presumably, errant mouseclicks are mostly to blame for errors.

“Unlike a text-based CAPTCHA, a major benefit of the proposed image-based face detection CAPTCHA is that it does not have any language barriers. In addition, the proposed CAPTCHA can easily be implemented on handheld devices to provide an additional level of security,” the team says.

Brian M. Powell, Adam C. Day, Richa Singh, Mayank Vatsa, & Afzel Noore (2010). Image-based face detection CAPTCHA for improved security Int. J. Multimedia Intelligence and Security, 1 (3), 269-284

Related articles

• Security Company Strengthens CAPTCHAs With Video (pcworld.com)
• From handwritten CAPTCHAs to ‘smart rooms,’ tech solutions start with pattern recognition (physorg.com)
• Media Decoder: NuCaptcha Engage Puts Security Feature in a Video (mediadecoder.blogs.nytimes.com)
• White House CAPTCHA accidentally endorses treason (geek.com)
• CAPTCHA and BBC iD (bbc.co.uk)
• Nasty Phrases Are Slipping Into The Official White House Website’s CAPTCHA [Broken] (gizmodo.com)