Browse Prior Art Database

Advance Captcha like System for Human Authentication

IP.com Disclosure Number: IPCOM000253943D
Publication Date: 2018-May-16
Document File: 4 page(s) / 361K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 43% of the total text.

1

Advance Captcha like System for Human Authentication

As the world continues to evolve complex and sophisticated cyber networks of computers, the requirements to protect the network, computing assets, personal identities, and data are continually challenged by the ingenuity of those who try to exploit vulnerabilities for malicious and/or other purposes.

One of the main tools used to exploit security vulnerabilities is a malicious bot. Hackers use bots to perform many cyber-attacks including but not limited to: DDos attacks, disruption of services, spam generation, creation of ghost accounts, fake traffic, fake statistics, web scraping, competitive data mining, personal and financial data harvesting, brute force login and man-in-the-middle attacks, digital ad fraud, spam, transaction fraud, and more. Cyber-attacks not only disable a computing service, but also slow or completely disrupt communication of genuine network traffic.

One cyber security solution, which has been around since the early days of the Internet, is the use of captchas. Captchas have matured and evolved to approximately 10 different variants. However, captchas susceptible to hacking and are no longer a secure means to protect a web site, personal information/data, etc. bots have been developed to exploit captchas and remain the "weapon of choice" for many cyber- attackers.

Current captcha text technology is quite simple: a user is presented with a text string and asked to re-type the characters. Image captchas are more sophisticated and secure, however there are numerous ways to bypass the challenge. In fact, most of Image captchas provide the end user an option to be presented with a text captcha in the event they have difficulty distinguishing the Image captcha, which raises the vulnerability to 92% if the end user selects the text captcha. Many research projects have proven that optical character recognition (OCR) technology can be used to pass 92% of those text string challenges*.

To make text captchas more "secure" text distortion is employed to make it more difficult for bot recognition; however, many human users have difficulty recognizing the distorted text. Frustration created by the user's inability to read the distorted text captcha can result in the end user aborting the website/on-line commerce transaction. A web master/designer is faced with the dichotomy of balancing between site security with site ease of use/usability.

The novel solution is a method and system to use cognitive computing, rather than text or images, to power the protection of web sites to verify whether the user is a human or a machine bot. The approach is to use a cognitive system to generate random and disordered text to confirm the user is human, not a bot.

2

The system and method create and display strings of disordered text using Typoglycemia principles (i.e., keep the first and last letters) combined with a user's available metadata to make the selection of text. This increases the use...