FYI.

This story is over 5 years old.

Bring On This Facial Recognition CAPTCHA Already

Want to keep bots out and let people in? Make the test something that people have evolved to do.
April 16, 2014, 2:50pm

I hate CAPTCHA. We all hate CAPTCHA, with its stupid distorted, illegible letters. It only takes half a second for Google to get 13.1 million hits for “CAPTCHA sucks.” As a point of reference, googling “David Beckham” gets seven times the hits in less than half the time, but still, the point stands. CAPTCHA sucks.

Now, before you go calling this a First World Problem, allow me to point out that CAPTCHA sucks for everyone on a computer—especially people accustomed to other alphabets or languages other than English, not to mention the visually impaired.

And the other forms of CAPTCHA aren't much better—picture CAPTCHAs, wherein you identify either a cat or a dog, are susceptible to DDoS attacks; video is too big for people relying on spotty 3G coverage; audio CAPTCHAs necessitate clear audio and nice speakers, and also that you turn off whatever else you're listening to.

For all of these problems, a team of American and Indian researchers suggests that we try something new: facial recognition CAPTCHA. After all, if you're trying to let humans in, and robots out, why not make them do something that humans excel at and that computers suck at?

“Face recognition is a highly intuitive task for humans that can be used as a Turing test,” states their study, which was published in PLOS One. “Unlike the aforementioned tests, it does not suffer from language dependency. The human mind performs these functions every day and is very effective in recognizing human faces.”

And the bots? “Even after decades of research in face detection and recognition, there exist several challenges in designing effective and accurate algorithms for automatic face detection and recognition.” Distracting images, like emoticons and other faces, are added to the CAPTCHA images, to keep the computers guessing.

Boom. Facial recognition sounds good to me. Other, practical questions remain, like how big the pictures should be and how distorted—they tried blending them, rotating them, and straight up distorting them—but in principle, facial recognition CAPTCHA (aka FR-CAPTCHA) is very easy: Look at a crazy picture, tap the faces that match, and go do whatever secure thing you were going to do.

To create the FR-CAPTCHA, the researchers used "a single composite image containing multiple human face and non-face images on a background with varying degrees of distortion," and created images like those seen at the top of this post. In order to solve it, the user is required to match human faces (faces belonging to a single individual) on the CAPTCHA. So click on the two faces that are the same, basically; don't click on the images of gas stations or whatever. To slow down would-be spamming algorithms, backgrounds, twisting, rotating, and, yes, those CAPTCHA lines are applied to the pictures.

The recipe for FR-CAPTCHA Image: PLOS One

Even with the distortions, the accuracy with which people were able to do FR-CAPTCHA was higher than the more familiar reCAPTCHA and IMAGINATION, an image-based CAPTCHA. The researchers tested 220 people, many of whom were not native English speakers, and found that they could click on the matching faces and unlock the FR-CAPTCHA with accuracy far greater than with the others.

I mean, look at this graph: not only can people do this, they prefer it too. Overwhelmingly.

Image: PLOS One

People love it. All we need now are some faces to bend—like Beckham's, for instance. He's apparently very popular.