Apple: Explained: How Apple can kill CAPTCHA with this new feature

If you’re on the Internet, something called CAPTCHAs must have offended you at least once. “Click on all the traffic lights” or those random upper case, lower case, numbers that always prove you wrong to prove you’re a human and not a robot, which most people on the web are familiar with. CAPTCHA, however, may be a thing of the past if AppleAccording to a report by AppleInsider, the new Private Access Token feature has become mainstream.
what is a captcha,
CAPTCHA (Completely Automated Public Turing Test to Tell Computer and Human Apart) is a well-known security measure also known as challenge-response authentication. Typically, a CAPTCHA ‘test’ consists of two parts – numbers that look like a distorted image with a random sequence of letters, and a text box. To prove that you are human, you need to have correct captcha code. The idea is to protect users from spam and tests prove it’s a human and not a computer trying to break into a site or password-protected account.
what are private access token,
At WWDC 2022, Apple gave developers a demo of the Privacy Access Token. On its developer portal, Apple explained, “Private access tokens are powerful tools that prove when HTTP requests are coming in from legitimate devices without revealing one’s identity. This proof allows you to reduce the number of times people show CAPTCHAs.” Apple has a developer challenge where it asks developers to test features on their servers and Privacy Access Token was one such feature at WWDC 2022.
Private Access Tokens are a new HTTP authentication method that works completely in the background. A user won’t even notice – or have to key in anything – because all the activity happens between the server and the operating system. As Apple points out, “Private Access Tokens are those that allow your servers to automatically trust clients”. This feature is available in iOS 16 and . will be available to developers in MacOS Ventura, Apple is already working with security firms like cloudflare technology to be incorporated. Cloudflare said in a blog post that CAPTCHA as a technology was built and optimized for the browser-based world. “Captchas simply cannot work in an API environment where JavaScript cannot be rendered, or a WebView cannot be called,” says Cloudflare.
What is the difference between Private Access Token and Captcha?
When you use CAPTCHA, the website you visit knows the URL, your IP, and some additional user agent data, according to Cloudflare. In addition, the CAPTCHA provider knows which website you visit, your IP, your device information, collects interaction data on the page, and links this data back to other sites where they have visited you. In other words, user data is not really secure.
With a private access token, the website only knows your URL and IP, which will need to be known in order to make a connection. Cloudflare explains that the device manufacturer only knows the device data needed to authenticate your device, but can’t tell what websites you’ve visited, and doesn’t know your IP.

Follow us on Social Media

FacebookTwitterinstagramKu APPyoutube

Source link

Sharing Is Caring:

Leave a Comment