---
marp: true
author: Laurent Fainsin, Clément Broutin
title: CAPTCHA
---
# CAPTCHAs
---
Definition:
* **C**ompletely **A**utomated **P**ublic [**T**uring](https://en.wikipedia.org/wiki/Alan_Turing) test to tell **C**omputers and **H**umans **A**part
* commonly, a third party software installed on the web pages
* /kæp.tʃə/
A bit of history:
- Introduced in 1997 by [AltaVista](https://fr.wikipedia.org/wiki/AltaVista)
- Term was coined in 2003 by [Luis von Ahn](https://en.wikipedia.org/wiki/Luis_von_Ahn), [Manuel Blum](https://en.wikipedia.org/wiki/Manuel_Blum), [Nicholas J. Hopper](https://www-users.cse.umn.edu/~hoppernj/), and [John Langford](https://www.microsoft.com/en-us/research/people/jcl/).
- Based on a [Reverse Turing test](https://en.wikipedia.org/wiki/Reverse_Turing_test)
- Created from open problems in AI.
---
Definition:
- **C**ompletely **A**utomated **P**ublic [**T**uring](https://en.wikipedia.org/wiki/Alan_Turing) test to tell **C**omputers and **H**umans **A**part.
- commonly, a third party software installed on the web pages.
- /kæp.tʃə/
A bit of history:
* Introduced in 1997 by [AltaVista](https://fr.wikipedia.org/wiki/AltaVista).
* Term was coined in 2003 by [Luis von Ahn](https://en.wikipedia.org/wiki/Luis_von_Ahn), [Manuel Blum](https://en.wikipedia.org/wiki/Manuel_Blum), [Nicholas J. Hopper](https://www-users.cse.umn.edu/~hoppernj/) and [John Langford](https://en.wikipedia.org/wiki/John_Langford_(computer_scientist)).
* Based on a [Reverse Turing test](https://en.wikipedia.org/wiki/Reverse_Turing_test).
* Created from [open problems in AI](https://ai-forum.com/opinion/unsolved-problems-in-ai/).
---
# What are CAPTCHAs for ?
## They filter out the real humans !
What is a non real human ?
* [Bots](https://en.wikipedia.org/wiki/Internet_bot) 🤖
* [Crawlers](https://en.wikipedia.org/wiki/Web_crawler) 🕷️
* [Scrappers](https://en.wikipedia.org/wiki/Web_scraping) 🐀
* Dogs 🐕 / Cats 🐈
* [Spammers](https://en.wikipedia.org/wiki/Spamming) 📨
* [Hackers](https://en.wikipedia.org/wiki/Hacker) 🏴☠️
* Clément ? 👨🦰
---
# Why are CAPTCHAs needed ?
![](https://www.imperva.com/blog/wp-content/uploads/sites/9/2021/04/Bad-Bod-Report-Fig-1-1024x466.png.webp)
Source: [Imperva](https://www.imperva.com/blog/bad-bot-report-2021-the-pandemic-of-the-internet/)
---
---
---
---
---
# some exotic CAPTCHA examples
![90% bg](https://www.ionos.fr/digitalguide/fileadmin/DigitalGuide/Screenshots/EN-Captcha-Spamschutz-9.png)
---
# some exotic CAPTCHA examples
![44% bg](https://www.ionos.fr/digitalguide/fileadmin/DigitalGuide/Screenshots/EN-Captcha-Spamschutz-10.png)
---
# some exotic CAPTCHA examples
![70% bg](https://www.ionos.fr/digitalguide/fileadmin/DigitalGuide/Screenshots/EN-Captcha-Spamschutz-11.png)
---
# some exotic CAPTCHA examples
![100% bg](https://www.ionos.fr/digitalguide/fileadmin/DigitalGuide/Screenshots/EN-Captcha-Spamschutz-1.png)
---
# Possible attacks on CAPTCHAs ?
Quite difficult and costly:
* [Human Farms](https://www.netacea.com/blog/what-are-captcha-farms/)
* [Flying under the radars](https://github.com/ultrafunkamsterdam/undetected-chromedriver)
* Praying 🙏 ?
* [It's an arms race](https://github.com/dessant/buster)
* Man In The Middle Attack
---
# Alternatives to CAPTCHAs ?
Not much:
* [Honeypot](https://en.wikipedia.org/wiki/Honeypot_(computing))
* [SMS/email verification](https://en.wikipedia.org/wiki/Multi-factor_authentication)
* [Centralized sign-on](https://en.wikipedia.org/wiki/Central_Authentication_Service)
* Forced human interaction
* Motion-tracking
---
* Annoying
* Accessibility
* Privacy
---
🎉 Thank you for your attention 🎉