Tired of clicking on photos of school buses to prove you’re human? You may finally get a breather.
The security firm Cloudflare, which guards around 12% of the web from bots, announced that it was dropping reCAPTCHA — the Google traffic authenticator — for upstart rival hCAPTCHA.
Cloudflare said it made the jump because Google decided to charge for reCAPTCHA, which it had long offered for free, and because of long-simmering privacy concerns.
A successful one prevents bots from posting spam comments or snapping up in-demand retail goods.
When concert tickets go on sale, for instance, CAPTCHA blocks scalpers from unleashing bots that instantly buy up all of the seats. Before checking out, you take a quiz, and the algorithm decides whether you’re human.
The first rendition of the CAPTCHA hit the scene in the ’90s, when the search engine AltaVista came up with a test using skewed letters that bots (and sometimes humans) couldn’t read.
Google bought reCAPTCHA from another team in 2009. In the early days, it used excerpts from The New York Times’s archives to weed out fake traffic. By 2014, it switched to using photos from Google Street View.
For Google, reCAPTCHA serves dual purposes: It protects the web from abuse — and also helps the company refine the accuracy of Street View.
reCAPTCHA covers about 45% of the bot-detector biz, but it’s a crowded market. Among its competitors are Anticaptcha, NuCAPTCHA, Geetest CAPTCHA, and hCAPTCHA.
Google’s newest rendition of reCAPTCHA is the simplest yet. To prove you’re not a robot, you check a box that says — what else? — “I’m Not A Robot.”
But this system uses more than an honor code. Google sizes you up using a risk score that guesses how likely you are to be a bot. It’s informed in part by your browsing cookies.
To critics, reCAPTCHA is just another way for Google to prioritize its own products. If you’re signed into a Google account, or if you’re using Google Chrome instead of another browser, reCAPTCHA is more likely to deem you a human.