CAPTCHA Accessibility

CAPTCHA was first introduced by researchers at Carnegie Mellon University. (Completely Automated Public Turing test to Tell Computers and Humans Apart) [CAPTCHA] is used on high traffic websites, comments on blogs, e-commerce websites to control spammers. CAPTCHA is also used to ensure that the information of their users is not harvested or otherwise exploited by web robots.

Image CAPTCHA

Graphical representation of text on images is a popular method to differentiate humans from robots. A bitmap image with scattered letters is provided to the user. The user need to enter the characters in the textbox provided before submitting the form. This method is very much challenging to a blind user. Screen readers will not read the content on the images.

Audio CAPTCHA

Audio CAPTCHA is alternate method observed quite often in the recent past. An audio file is played to the user with some characters or words. The speech will be garbled. The speech is garbled to have a similar experience of scattered characters in the image CAPTCHA to avoid the robots. The user needs to enter the same in the text box similar to the graphic CAPTCHA. Even this method could be challenging for certain user groups and people who operate in noisy environment. Content authors should ensure that the screen reader voice and the audio CAPTCHA does not conflict ending up not able to listen the content of the audio file. Many times audio CAPTCHA serve as alternate for image CAPTCHA.

Logical Questions

Another way of differentiating humans with robots is with simple mathematical or logical questions. Providing simple mathematical questions and asking the user to answer them in the text box provided. The question should be randomly giving very minimum scope for the robots to guess. For this approach people with cognitive disabilities may face difficulty.

For example: 4 ++ 2 =?,
Which of the following word end with letter “d”.

Ant, and, aim.

Mobile verification

Another approach few websites implement is mobile verification and one time passwords. The websites send a text message to the registered mobile number with a code. User needs to enter that code in the text box and submit the form. Usually this technique is used in the forgot password or other similar processes where the mobile number will be already registered with the website.

Anti spam programs

Anti spam programs or plug-ins are also used to control the robots to enter into the website or submit the comments. From the user interface every submission will be taken by the website but the anti-spam programs will filter the submissions based on various permutations and combinations.

After doing a bit of research on accessible CAPTCHA I feel anti-spam programs, mobile verification and simple mathematical questions are better in terms of accessibility. On a security stand point I am not skillful to comment though.

Comments are closed.