Over the years, Google's reCAPTCHA has mousily moved on from just having users decipher distorted text, the past street numbers, to the infamous "I'm not a robot" tickbox. But now, you just don't get anything at all. While this system was limited to desktops for a while, it’s now being rolled out confidently on Android devices across the spectrum.
reCAPTCHA’s mobile version will also host the ‘invisible’ kind which allows websites to verify your sentience without any input from you. This might seem like good news to many who have disliked the service on larger screens and would dread having to put up with it on their mobile devices as well, but it poses a lot of security and safety questions. The catch, however, should you fail to pass the system’s behind the scenes risk analyses and it's unconvinced that you're not a bot, mobile specific puzzles and checks will be given for you to solve and prove your humanity.
This new version of reCAPTCHA uses complex machine learning risk analysis algorithms also used in self-driving cars to determine whether a visitor is a human being without the user having to input anything. By that I mean big brother is always watching your behaviour online, (surprise!) but it also links that regular behavioural pattern to your IP address so that any changes to your engagement with the website can be monitored as well. That’s why sometimes it asks you click on images of mountains and sometimes, just doesn’t.
Should you feel like playing around with it, the ever so nice guys at Google have bequeathed unto us mortals an Android API, complete with part of Google Play Services, as well as Google SafetyNet.. Developers will also be able to conduct device and user attestations in the same API for an easier security risk mitigation. The company says an iOS version will be released ’around the corner’, but the Android version is available as of today.
What do you think? Does this have any hope of practical application? Let’s discuss in the comments section below. Thank you for visiting Base64.