Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Small trusted primitives for dependable systems
ACM SIGOPS Operating Systems Review
Challenges of CAPTCHA in the accessibility of Indian regional websites
COMPUTE '11 Proceedings of the Fourth Annual ACM Bangalore Conference
Detecting fraudulent use of cloud resources
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Text-based CAPTCHA strengths and weaknesses
Proceedings of the 18th ACM conference on Computer and communications security
SEMAGE: a new image-based two-factor CAPTCHA
Proceedings of the 27th Annual Computer Security Applications Conference
Security and usability challenges of moving-object CAPTCHAs: decoding codewords in motion
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Breaking reCAPTCHAs with unpredictable collapse: heuristic character segmentation and recognition
MCPR'12 Proceedings of the 4th Mexican conference on Pattern Recognition
Innocent by association: early recognition of legitimate users
Proceedings of the 2012 ACM conference on Computer and communications security
Segmentation of CAPTCHAs based on complex networks
AICI'12 Proceedings of the 4th international conference on Artificial Intelligence and Computational Intelligence
All your face are belong to us: breaking Facebook's social authentication
Proceedings of the 28th Annual Computer Security Applications Conference
SeeSay and HearSay CAPTCHA for mobile interaction
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A survey and analysis of current CAPTCHA approaches
Journal of Web Engineering
An empirical study on efficiency and effectiveness of localized vs. Latin-based CAPTCHA challenges
Proceedings of the 17th Panhellenic Conference on Informatics
Explicit authentication response considered harmful
Proceedings of the 2013 workshop on New security paradigms workshop
A novel gesture-based CAPTCHA design for smart devices
BCS-HCI '13 Proceedings of the 27th International BCS Human Computer Interaction Conference
Journal of Computer Security
Hi-index | 0.00 |
Captchas are designed to be easy for humans but hard for machines. However, most recent research has focused only on making them hard for machines. In this paper, we present what is to the best of our knowledge the first large scale evaluation of captchas from the human perspective, with the goal of assessing how much friction captchas present to the average user. For the purpose of this study we have asked workers from Amazon’s Mechanical Turk and an underground captchabreaking service to solve more than 318 000 captchas issued from the 21 most popular captcha schemes (13 images schemes and 8 audio scheme). Analysis of the resulting data reveals that captchas are often difficult for humans, with audio captchas being particularly problematic. We also find some demographic trends indicating, for example, that non-native speakers of English are slower in general and less accurate on English-centric captcha schemes. Evidence from a week’s worth of eBay captchas (14,000,000 samples) suggests that the solving accuracies found in our study are close to real-world values, and that improving audio captchas should become a priority, as nearly 1% of all captchas are delivered as audio rather than images. Finally our study also reveals that it is more effective for an attacker to use Mechanical Turk to solve captchas than an underground service.