CAPTCHAs help to deter spammers and hackers from using forms on web pages to insert frivolous or malicious code. CAPTCHAs have been found to help reduce spam by 88%. This response system is the first line of defense by helping to filter out bot activity from your webpages.
The first CAPTCHAs used text that was warped or changed in some way that made it difficult for computers to read, but easy for humans to make out. Users had to simply type in the text that they saw to verify that they were not a bot.
However, once computers became more and more accustomed to the previous CAPTCHA, there was a need to create a new test to help distinguish between humans and bots.
In 2005, reCAPTCHA debuted as a new version of the test. This test featured two words: one word was generated so that the computer knew the answer, the second one was pulled from a random article or book that was unknown to the computer.
However, once the computer programs received enough input from users, they were actually able to “read” and distinguish the visually manipulated text. In fact, a 2014 Google machine learning study found that humans could solve CAPTCHAs with 33% accuracy and AI’s could solve it with a 99.8% accuracy. Once the computers surpassed human ability, there was again another need for a new test.
A new test was introduced, RECAPTCHA v2 featured images rather than texts, asking users to identify which images contained certain features. This also served to help differentiate between humans and bots by asking them to identify a visual stimuli.
Eventually, AIs were able to surpass human ability in identifying and completing these CAPTCHA tests. Thus, the tests had to once again change.
The newest version of CAPTCHA was introduced as a solution to these problems. NOCAPTCHA and RECAPTCHA v3 verify that you are a human based solely on your behaviour. This version runs invisibly in the background that monitors for “bot-like” activity (i.e. clicking around too much, extremely fast typing). If this program does detect bot like activity it will ask the user to complete either the standard picture CAPTCHA test or verify with two factor authentication.
Unlike previous iterations of the CAPTCHA test, the newest version does not have a standard for what qualifies as “bot-like” behaviour. Furthermore, it seems as though it will not be long before computers will once again surpass human ability and create a need for a new CAPTCHA test. Experts believe that at some point there may be no way to distinguish between humans and computers - eventually they may be able to do everything we are able to.