Campaign to kill CAPTCHA kicks off

 

May contravene accessibility law.

The use of CAPTCHA to combat spam bots is also blocking people with disabilities and the feature should be removed from websites, argues a group of disability organisations.

The completely automated public Turing test to tell computers and humans apart, abbreviated as CAPTCHA, is a popular measure deployed by webmasters around the world to prevent spammers from automatically sending unsolicited commercial messages to sites and users. It requires people to interpret characters and numbers that are difficult for machines to parse, and enter these as part of logging in to a site, for instance.

However, the dark side of CAPTCHA is that it hinders people with vision impairments to the point that they cannot use sites. Screen readers and other accessibility tools used by blind people often fail on distorted and illegible CAPTCHA text.

Now, disability groups such as Blind Citizens Australia, Able Australia, Media Access Australia and the Australian Deaf-Blind Council are calling on organisations to stop using CAPTCHA, setting up a petition with the Australian Communications Consumer Action Network.

Even when CAPTCHA uses audio files along with the strings of letters, people with disabilities find these as hard to use as the visual versions.

“My experience with audio CAPTCHA has been almost as inaccessible as visual CAPTCHA; I must have listened to the Skype audio CAPTCHA 20 times before I gave up and asked my sighted friend to set up my account,” said the ACCAN disability policy advisor Wayne Hawkins, who is blind (image left).

Dyslexic, colour-blind and older users often find CAPTCHA hard to get through too, the organisations behind the kill CAPTCHA campaign pointed out.

CAPTCHA may in fact contravene Australia's Disability Discrimination Act, said Dr Scott Hollier of Media Access Australia, who himself is blind. 

The Australian Goverment is committed to following the Web Content Accessibility Guidelines (WCAG 2.0) standards, but a survey by iTnews last year showed many federal and state sites trailing their overseas counterparts in compliance.

Hollier told iTnews that CAPTCHA prevents access to not just government sites. "Take buying tickets to concerts for instance: by turning down colours and using a screen reader, I can access just about all of a ticket booking site until the crucial moment of paying when CAPTCHA appears and I have to embarrassingly enough call for someone to help me out with it." 

"With time sensitive things like concerts, this can mean I miss out on the tickets as the transaction times out," Hollier said.

According to Hollier, a better way for everyone would be the use of emails to activate and verify users, instead of CAPTCHA.

The W3C web standards organisation notes that CAPTCHA has become less effective as an anti-spam measure, with character and image recognition software being able to defeat it. Spammers are also posting the CAPTCHA they want solved on other sites, where visitors unwittingly assist them in doing so, believing it is a legitimate authentication step.

W3C has suggested other techniques such as logic puzzles, limited-use accounts and non-interactive checks to prevent abuse such as fraudulent account creation and spamming.

Since its inception over a decade ago, CAPTCHA has been heavily used by government, banking and business sites, as well as those of large webmail and e-commerce providers.

Copyright © iTnews.com.au . All rights reserved.


Campaign to kill CAPTCHA kicks off
 
 
 
Top Stories
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
What InfoSec can learn from the insurance industry
[Blog post] Another way data breach laws could help manage risk.
 
A ten-point plan for disrupting security
[Blog post] How can you defend the perimeter when it’s in the cloud?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1040

Vote