CAPTCHA is actually an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”. As the name implies, it is a computer-generated test which aims to separate a bot (automated program) from a live, breathing human being online. The “Turing” refers to Alan Turing, a computer scientist who, in the 1950s, undertook research to distinguish a man from a machine.

CAPTCHA typically involves a computer which ‘serves up’ a puzzle (this usually involves number and/or letter combinations) that a user has to input into a designated box in order to proceed with whatever process the CAPTCHA is guarding. Although the computer can generate the test, only a person can decipher the graphic puzzle and input the proper response to pass the test.

Conceptualization

Although most people associate CAPTCHA with the process of registering at various websites, the system was originally envisioned as a means of preventing automated systems or “bots” from loading the Alta Vista search engine with URLs or Uniform Resource Locators.

In those early days before Google and Yahoo, there were two ways of getting a website or URL listed in Internet search engine databases; through web crawlers which automatically ‘surfed’ the net for URLs or through URL submission.

In order to prevent the search engine from being overloaded with URLs posted by automated systems, a means had to be found to ensure that the entity doing the listing was a human being, which led to the development of graphic puzzles as a test.

In 2000, Yahoo asked the Carnegie Mellon University to create a means to prevent bots from infiltrating its chat rooms. A team composed of Carnegie Mellon researchers developed a series of cognitive puzzles and called it ‘CAPTCHA.’ Although Yahoo was the first to make major use of CAPTCHA, others soon followed.

Today, CAPTCHAs are used to prevent automated postings to blogs or forums, to stop poll spamming, to protect the information stored in online banking sites, etc.

Code Breakers and the Future of CAPTCHA

The integration of CAPTCHA in various web applications and services eventually led to development of technology or software to defeat it. This has led to an escalating war between code breakers and the companies who have instituted and are making use of CAPTCHA to guard their services from bot infiltration. The latter continued enhancing their system’s CAPTCHA to the point that even legitimate users began finding it difficult to break the ‘code.’ This, in a way, defeated the purpose of CAPTCHA.

Currently, efforts are underway to ‘evolve’ the CAPTCHAs into other methods that follow the same principles but use more sophisticated techniques. Microsoft, for example, has developed a CAPTCHA-based, graphic, multiple-choice system which requires Internet users to select pictures of dogs or cats from a set of nine different household pets.

Researchers note that the basic elements of CAPTCHAs still exist. First, human cognitive reasoning is involved. However, the current (and probably future) generations of CAPTCHAs have begun to go beyond the typical or prescribed 26-letter and/or 10-digit (1 to 0) limits.