CAPTCHA’s surprising relationship with AI: The story behind the squiggly letters


CAPTCHA’s surprising relationship with AI: The story behind the squiggly letters


Most people are unaware when they confront the distorted letters and digits of CAPTCHAs in their day-to-day usage of web services that they’re being subjected to a reverse Turing test of sorts — one where the machine seeks to confirm your humanity. The Turing test, of course, is  the famous test proposed by Alan Turing to evaluate the ability of a machine to exhibit human-like behaviour. If a machine can fool a human into believing it is human, then it passes. With CAPTCHA, the human is the subject and the examiner – a machine.

It may come as a surprise to some that CAPTCHA itself is an acronym, standing for “Completely Automated Public Turing Tests to tell Computers & Humans Apart”.  What with the most useful and common implementation of it being within web services, guarding forms that seek to capture (note the homophonic similarity with CAPTCHA) user information from attacks by bots. And while that may have been the initial purpose, companies like Google have evolved CAPTCHA into even training its driverless car AI.


The term was coined by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford in 2003 in a paper titled ‘CAPTCHA: Using Hard AI Problems For Security’ which defines CAPTCHA as ‘a cryptographic protocol whose underlying hardness assumption is based on an AI problem’.

Interestingly, it posits CAPTCHA as a win-win even in the case of malicious intervention, arguing that ‘either a CAPTCHA is not broken and there is a way to differentiate humans from computers, or the CAPTCHA is broken and an AI problem is solved’.

Hence, CAPTCHAs are not simply limited to the kinds of tests being deployed currently, which rely primarily on a visual medium, to any tests wherein human success is more likely than a current computer’s. It is also for this reason that purely logical tests are rarely employed within CAPTCHAs as computers have shown themselves to be as, if not more, efficient than humans in solving them.

Characteristics of CAPTCHAs


Text-based CAPTCHAs, whose earliest implementation was by the then market leading search engine AltaVista in 1997, rely on the inability — or the unfeasibility — of current computers to do the following:

  • Invariant Recognition: The ability to recognize variations in the shapes of characters. Humans can comprehend a vast variety of variations in character shapes whereas training a computer to do the same would be a mammoth task as there are virtually limitless distortions one could effect.
  • Segmentation: The ability to separate words and characters wherein whitespaces don’t exist.
  • Parsing: The ability to separate characters based on context.

All of the above, combined with the generation of nonsensical words and phrases, is designed to defeat traditional optical character recognition along with other methods such as ‘dictionary attacks’ i.e attempts to brute force an input by using every possible combination of response possible.

Overlooked Aspects


This hasn’t prevented many (un)enterprising souls from setting up CAPTCHA solving services that pay pennies to a third-world user base for simply solving CAPTCHA tests presented to them one after the other. The clients for these services usually are blackhat online marketers looking to exploit vulnerabilities of web services for financial benefit. Unsurprisingly, these services have been compared to digital sweatshops — one more reminder of how often society seems to mimic itself in digital spaces.

Another aspect of CAPTCHAs that is often overlooked is their accessibility to those who are disabled. Though audio CAPTCHAs are now quite common, this still does not solve the issue for those with deafblindness. And what should also be concerning for many in the developing world is the lack of text-based CAPTCHAs in languages other than English. This does, however, present itself as an opportunity for startups to take on.

How you may be training Google’s Driverless Car AI with CAPTCHA


Google, having acquired popular CAPTCHA service reCAPTCHA in 2009, has implemented variations of text and image based tests across its product range, and is now using the massive human input to help train its driverless car program.

Every participation of yours in the seemingly innocuous ‘identify the car’ tests is not only keeping bots away, but helping Google build a powerful driving AI. The tests seem to cover many of the objects that one encounters on roads, from street signs, store fronts, bridges to, of course, cars. We are, it would seem, crowdsourcing the drivers of the future.

While it is an ingenious system to tap into the massive traffic that Google deals with, many have raised concerns about making users unwitting participants and some have accused the company of profiting off free labour. Many alternatives have sprung up which reward website owners for implementing their CAPTCHA system.



CAPTCHAs, clearly, are much more than meets the eye.

It is indeed pertinent and thought-provoking to ask: how do we differentiate between humans and advanced AI?

In Philip K Dick’s Do Androids Dream Of Electric Sheep?, the fictional Voigt-Kampff test is used to determine whether an individual is indeed human or an android (‘replicant’), by projecting a device at the eyes and measuring iris contraction and other biological responses to provocative questions and stories.

Considering it is inevitable that AI will graduate the CAPTCHAs of today, it may not be entirely sci-fi to imagine some version of the above making its way into our lives via integrated retina scanners and fingerprint readers in our devices, such as laptops and phones.

No matter where this goes, it is sometimes worth just taking in the rich irony of a bunch of squiggly letters standing in the way of an ever-advancing AI.

Leave your thought here