If you’re on the Internet, something called CAPTCHAs must have offended you at least once. “Click on all the traffic lights” or those random upper case, lower case, numbers that always prove you wrong to prove you’re a human and not a robot, which most people on the web are familiar with. CAPTCHA, however, may be a thing of the past if AppleAccording to a report by AppleInsider, the new Private Access Token feature has become mainstream.
what is a captcha,
CAPTCHA (Completely Automated Public Turing Test to Tell Computer and Human Apart) is a well-known security measure also known as challenge-response authentication. Typically, a CAPTCHA ‘test’ consists of two parts – numbers that look like a distorted image with a random sequence of letters, and a text box. To prove that you are human, you need to have correct captcha code. The idea is to protect users from spam and tests prove it’s a human and not a computer trying to break into a site or password-protected account.
what are private access token,
At WWDC 2022, Apple gave developers a demo of the Privacy Access Token. On its developer portal, Apple explained, “Private access tokens are powerful tools that prove when HTTP requests are coming in from legitimate devices without revealing one’s identity. This proof allows you to reduce the number of times people show CAPTCHAs.” Apple has a developer challenge where it asks developers to test features on their servers and Privacy Access Token was one such feature at WWDC 2022.
What is the difference between Private Access Token and Captcha?
When you use CAPTCHA, the website you visit knows the URL, your IP, and some additional user agent data, according to Cloudflare. In addition, the CAPTCHA provider knows which website you visit, your IP, your device information, collects interaction data on the page, and links this data back to other sites where they have visited you. In other words, user data is not really secure.
With a private access token, the website only knows your URL and IP, which will need to be known in order to make a connection. Cloudflare explains that the device manufacturer only knows the device data needed to authenticate your device, but can’t tell what websites you’ve visited, and doesn’t know your IP.