CAPTCHA has become ubiquitous on the web recently, including on sites we have built. However, in my recent accessibility research for a recent project I came across this article which urges developers to stop using CAPTCHA since, in the words of the author:
“CAPTCHAs fail to properly recognize users with disabilities as human.”
and…
“External projects… have shown methodologies and results indicating that many of the [CAPTCHA] systems can be defeated by computers with between 88% and 100% accuracy, using optical character recognition.”
The author concludes:
“It is a logical fallacy, then, to hail CAPTCHA as a spam-busting panacea. Even 10% accuracy by a computer amounts to system failure, just at a slower rate. It is also faulty logic to believe that the adoption of CAPTCHA in large sites is evidence of its supremacy in fighting spam.”
What to do then?
The author suggest two “non-interactive” checks: spam filtering and heuristic checks. Perhaps the devs can read about these (items 3.4.1 and 3.4.2 in the article) to see if they are easy to implement.
Tags: spam
