CAPTCHA is an acronym for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.” The Turing test was developed by Alan Turing, the founder of modern computing. He imagined a setup where a computer and a person were behind two different doors. Each would print out some sort of text, and the Turing test would see whether or not another human could tell which one was the computer. If the human couldn’t tell the difference, or got a certain percentage wrong, then the computer would pass the Turing test.
A CAPTCHA is essentially the reverse of that — it’s trying to see if a computer can do something that we know a human can do. And if it can’t do it, then we know it’s a computer. CAPTCHAs can be used for basically any interaction on a website. If there’s a button on your site that you don’t want bots clicking on repeatedly, you can put a CAPTCHA on the button to prevent that.
Bots may spam your website for a number of reasons, but it’s important to know that there’s often a human action behind it. Maybe someone wants to send out emails or fill out lots of contact forms in hopes that someone will click their link and enter their credit card information. The purpose of a CAPTCHA is to prevent that automation from happening by recognizing that the entity performing those actions is a bot, not a human.
There are several types of CAPTCHAs — you’ve probably seen a website say something like “just making sure you’re human,” then give you a selection of photos and have you choose which images have traffic lights or crosswalks in them. Or maybe it’s just a pop-up with a check box you have to click to verify your humanness.
All CAPTCHAs are susceptible to machine learning, which is a computer’s way of figuring out tasks through trial and error. Scammers have started teaching computers how to solve CAPTCHAs through machine learning. But the good news is that machine learning can also be used against bots by watching how a user interacts with a website to determine whether it’s a bot or not.
Nowadays, CAPTCHAs are pretty seamless for the most part, and they can play a big role in weeding out scammers on your website. It adds a layer of protection to any form, preventing spammers and bots from performing repetitive actions. However, there is one problem that we can’t get around: some people have started hiring humans to bypass CAPTCHAs, thereby allowing them to keep spamming. But we’re still making advancements in online security every day, and CAPTCHAs are still effective for preventing spam in most cases.