Cloudflare wants to kill CAPTCHAs so you never have to identify fire hydrants or traffic lights again
The company says it will save 500 human years that are wasted every single day by a total of 4.6 billion Internet users, while people "prove their humanity".
One of the most frustrating things about browsing the web is having to solve compulsory CAPTCHA challenges on websites that are designed to differentiate between real users and bots. If you’re tired of attempting bothersome requests to identify “boats” in a picture, here is some good news – American web security and network services provider Cloudflare says it wants to completely get rid of the service.
CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, has actually helped several websites protect themselves from bots and automated services from flooding their systems and protecting them from being overloaded to deny services to real, human users.
However, these challenges are quite time-consuming — according to Cloudflare’s research, a user takes an average of 32 seconds to complete one. With over 4.6 billion users, the company says that even if a user sees a CAPTCHA every 10 days, “500 human years wasted every single day — just for us to prove our humanity,” the company says.
In order to rid the world of bothersome CAPTCHAs, Cloudflare has a plan in place. “Today marks the beginning of the end for fire hydrants, crosswalks, and traffic lights on the Internet,” the company said, adding that it would replace CAPTCHA challenges with Yubikeys – also known as trusted USB keys. By using “Cryptographic Attestation of Personhood”, the company says it will reduce your authentication to five seconds and three clicks to prove you aren’t a bot.
Users will visit a website that shows them a challenge – such as cloudflarechallenge.com and then click “I am human (beta)”. Cloudflare will then show them a prompt asking them to plug in their Yubikey or other trusted USB device (or tap it to their phone with NFC). If the authentication succeeds, the user is admitted inside without any CAPTCHA challenge.
Cryptographic Attestation of Personhood will work on all browsers on iOS 14.5, Windows, macOS and Ubuntu, while Android users will have to use Chrome, according to Cloudflare. Users who already have a Yubikey or similar hardware security key can visit Cloudflare’s example site to see how the feature could look once it is ready, and provide feedback to the company.