What’s unCAPTCHA and how is it different? Created by four researchers from the University of Maryland, unCAPTCHA is a similar test-based methodology like reCAPTCHA. It is, however, in spite of following the same old system of reading distorted text and typing it in a box, deals with the audio. This AI is programmed to crack the audio challenges. So now, people with disabilities can also bypass the real security procedure without passing the conventional reCAPTCHA challenges. How does unCAPTCHA work? unCAPTCHA connects the online speech-to-text engines with a technique called Phonetic mapping. The process of recognizing the audio takes place as discussed below:
The system first downloads the audio file It then breaks it into a number of digital audio clips Runs these clips through many text-to-speech systems Identifies the nearest homophones Computes the aggregated results on the basis of the confidence level, and finally Sends the best result to Google.
Talking about how did it defeat the reCAPTCHA? After testing the unCAPTCHA it was found that the AI was able to solve 450 reCAPTCHA challenges within 5.42 seconds. This gave an accuracy of 85.15%. The result demonstrated that bots/attackers don’t need considerable resources for successfully attacking the reCAPTCHA system. Even with a very little success rate, an attacker can threaten the integrity of the online services. The Researchers added that in case of unCAPTCHA, we are assuming that attackers accessing unCAPTCHA have limited resources. So our threat model will limit them to just 1 computer, 1 IP, limited training data and a small portion of RAM. This way we have ensured our accuracy to be more than 50%. Where can you find the unCAPTCHA? The researchers have already shared this code with the GitHub. It is using text-to-speech systems there like Google Speech Recognition, Sphinx, and Wit-Al. You’ll soon find unCAPTCHA at places of higher security and integrity. Wrapping Up unCAPTCHA just revolutionized the entire security ensuring methodologies introduced by the Google. Starting from the very roots and instincts of attackers, unCAPTCHA has succeeded in simplifying the security measures. Moving in through the GitHub, it is all set to spread among the sites possessing a huge database. Google’s take on this security innovation will be a thing to watch now. But we welcome unCAPTCHA and hope for more such innovations to take place in the future.