Website Testing 101: Captchas

We’ve all seen them. We’ve all used them. And we’ve all learned a new word or two in the process. I’m talking of course about captchas, which are used to ensure that responses are generated by a person, not a SPAM bot.

Anyway, testing plays a big part in the successful implementation of captchas. This pertains to testing types such as:

  • Functional: Does the captcha work as expected? Does it keep spam and robots out and let humans in?
  • Security: Can the form fields be manipulated? Are they susceptible to SQL injections?
  • Localization: If you have an international userbase, then are you using numbers instead of words?
  • Usability: Are the words or images usable and easy to read?
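
As an added example (not from the original post), here is a small Python sketch of functional and security test cases for a captcha-protected form. The HMAC-signed hidden-field scheme and the names `issue`, `verify` and `run_checks` are assumptions made for illustration; the sample inputs are constructed.

```python
import hashlib, hmac, secrets, time

SECRET = secrets.token_bytes(32)  # server-side key, never sent to the client
TTL = 120                         # seconds a challenge stays valid
_used = set()                     # nonces already attempted (replay guard)

def _sign(nonce, expires, answer):
    msg = f"{nonce}|{expires}|{answer.strip().lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def issue(answer, now=None):
    """Hidden form fields for a challenge whose solution is `answer`."""
    now = time.time() if now is None else now
    nonce, expires = secrets.token_hex(8), int(now) + TTL
    return {"nonce": nonce, "expires": str(expires),
            "sig": _sign(nonce, expires, answer)}

def verify(form, now=None):
    """Validate a submitted form; returns (ok, reason)."""
    now = time.time() if now is None else now
    try:
        nonce, expires = str(form["nonce"]), int(form["expires"])
        sig, guess = str(form["sig"]), str(form["captcha"])
    except (KeyError, ValueError, TypeError):
        return False, "malformed"
    if now > expires:
        return False, "expired"
    if nonce in _used:
        return False, "replayed"
    _used.add(nonce)  # one attempt per challenge, right or wrong
    expected = _sign(nonce, expires, guess)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False, "bad answer or tampered field"
    return True, "ok"

def run_checks():
    """Constructed cases covering the functional and security questions."""
    t0, r = 1_000_000, {}
    good = dict(issue("w7kq", now=t0), captcha="W7KQ ")
    r["human"] = verify(good, now=t0 + 5)          # functional: human gets in
    r["replay"] = verify(good, now=t0 + 6)         # same token submitted twice
    r["wrong"] = verify(dict(issue("w7kq", now=t0), captcha="guess"), now=t0 + 5)
    late = dict(issue("w7kq", now=t0), captcha="w7kq")
    r["expired"] = verify(late, now=t0 + TTL + 1)
    forged = dict(late, expires=str(t0 + 10 * TTL))  # hidden field edited
    r["tampered"] = verify(forged, now=t0 + TTL + 1)
    r["missing"] = verify({"captcha": "w7kq"}, now=t0)
    return r
```

Each entry in the result maps a test case to the server's verdict, so a regression in any one check shows up as a changed reason string.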

This is just scratching the surface. I raise these points because of an article in The Daily Mail that discusses a captcha that fails on just about every level (according to the author, anyway). Take a look:

A civil rights group has devised a new kind of online test that measures a user’s sense of human empathy to distinguish them from automatic spam posting programmes.

The Civil Rights Captcha asks users to take a moral stance on a real-world civil rights issue by offering them three options about how they feel about it.

Only one answer is correct, and that is the one which shows compassion and empathy.

Here’s another great story from CNet.com on captcha fail:

A team of Stanford University researchers has bad news to report about captchas, those often unreadable, always annoying distorted letters that you’re required to type in at many a Web site to prove that you’re really a human.

Many Captchas don’t work well at all. More precisely, the researchers invented a standard way to decode those irksome letters and numbers found in Captchas on many major Web sites, including Visa’s Authorize.net, Blizzard, eBay, and Wikipedia.

Their decoding technique borrows concepts from the field of machine vision, which has developed techniques to control robots by removing noise from images and detecting shapes. The Stanford tool, called Decaptcha, uses these algorithms to clean up the image so it can be split into more readily recognized letters and numbers.

What do you suppose could be the main reason why captchas have been less than effective? You guessed it:

“Most Captchas are designed without proper testing and no usability testing,” Elie Bursztein, 31, a postdoctoral researcher at the Stanford Security Laboratory, told CNET yesterday. “We hope our work will push people to be more rigorous in their approach in Captcha design.”

Captcha stands for Completely Automated Public Turing test to tell Computers and Humans Apart.

Have tips for testing captchas? Tell me how you feel about the electoral college and then leave your comment below.
