Abstract
A CAPTCHA is a challenge-response test often used on the Web to determine whether a Web site’s visitor is a human or an automated program (so called bot). Existing and widely used CAPTCHA schemes are based on visual puzzles that are hard to solve on mobile devices with a limited screen. We propose to leverage movement data from hardware sensors to build a CAPTCHA scheme suitable for mobile devices. Our approach is based on human motion information and the scheme requires users to perform gestures from everyday life (e. g., hammering where the smartphone should be imagined as a hammer and the user has to hit a nail five times). We implemented a prototype of the proposed method and report findings from a comparative usability study with 50 participants. The results suggest that our scheme outperforms other competing schemes on usability metrics such as solving time, accuracy, and error rate. Furthermore, the results of the user study indicate that gestures are a suitable input method to solve CAPTCHAs on (mobile) devices with smaller screens and hardware sensors.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
For better readability, we write the acronym in lowercase in the following.
- 2.
noCAPTCHA is also referred to as new reCAPTCHA [9].
References
Inside ReCaptcha. https://github.com/neuroradiology/InsideReCaptcha.Accessed 01 Mar 2016
Buitinck, L., Louppe, G., Blondel, M., Pedregosa, F., Mueller, A., Grisel, O., Niculae, V., Prettenhofer, P., Gramfort, A., Grobler, J., Layton, R., VanderPlas, J., Joly, A., Holt, B., Varoquaux, G.: API design for machine learning software. In: ECML PKDD Workshop, pp. 108–122 (2013)
Bursztein, E., Aigrain, J., Moscicki, A., Mitchell, J.C.: The end is nigh: generic solving of text-based captchas. In: 8th USENIX Workshop on Offensive Technologies (WOOT 14) (2014)
Bursztein, E., Martin, M., Mitchell, J.: Text-based captcha strengths and weaknesses. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 125–138. ACM (2011)
Bursztein, E., Moscicki, A., Fabry, C., Bethard, S., Mitchell, J.C., Jurafsky, D.: Easy does it: more usable captchas. In: Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems, pp. 2637–2646. ACM (2014)
Fidas, C.A., Voyiatzis, A.G., Avouris, N.M.: On the necessity of user-friendly captcha. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 2623–2626. ACM (2011)
Gao, S., Mohamed, M., Saxena, N., Zhang, C.: Emerging image game CAPTCHAs for resisting automated and human-solver relay attacks. In: 31st Annual Computer Security Applications Conference, ACSAC. ACM (2015)
Google Inc.: Introducing noCAPTCHA. http://goo.gl/x7N7qt. Accessed 01 Mar 2016
Google Inc.: reCAPTCHA – Easy on Humans Hard on Bots. https://www.google.com/recaptcha/intro/index.html. Accessed 01 Mar 2016
He, H.: HAR on Smartphones Using Various Classifiers (2013)
Hupperich, T., Maiorca, D., Kührer, M., Holz, T., Giacinto, G.: On the robustness of mobile device fingerprinting. In: Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC. ACM (2015)
Jiang, N., Dogan, H.: A gesture-based captcha design supporting mobile devices. In: Proceedings of the 2015 British HCI Conference, pp. 202–207. ACM (2015)
Kluever, K.A., Zanibbi, R.: Balancing usability and security in a video captcha. In: 5th Symposium on Usable Privacy and Security, SOUPS. ACM (2009)
Reynaga, G., Chiasson, S.: The usability of captchas on smartphones. In: Security and Cryptography (SECRYPT) 2013 (2013)
Reynaga, G., Chiasson, S., van Oorschot, P.C.: Exploring the usability of captchas on smartphones: comparisons and recommendations. In: NDSS Workshop on Usable Security USEC 2015. NDSS (2015)
Sinofsky, S.: Supporting sensors in windows 8. http://blogs.msdn.com/b/b8/archive/2012/01/24/supporting-sensors-in-windows-8.aspx. Accessed 24 Apr 2016
Von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: Captcha: using hard AI problems for security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)
Xu, Y., Reynaga, G., Chiasson, S., Frahm, J.M., Monrose, F., van Oorschot, P.: Security analysis and related usability of motion-based CAPTCHAs: decoding codewords in motion. IEEE TDSC 11(5), 480–493 (2014)
Xu, Y., Reynaga, G., Chiasson, S., Frahm, J.M., Monrose, F., Van Oorschot, P.: Security and usability challenges of moving-object captchas: decoding codewords in motion. In: 21st USENIX Security Symposium, pp. 49–64 (2012)
Yan, J., Ahmad, E., Salah, A.: Usability of CAPTCHAs or usability issues in CAPTCHA design. In: Proceedings of the 4th Symposium on Usable Privacy and Security, pp. 44–52. ACM (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Hupperich, T., Krombholz, K., Holz, T. (2016). Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness. In: Franz, M., Papadimitratos, P. (eds) Trust and Trustworthy Computing. Trust 2016. Lecture Notes in Computer Science(), vol 9824. Springer, Cham. https://doi.org/10.1007/978-3-319-45572-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-45572-3_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45571-6
Online ISBN: 978-3-319-45572-3
eBook Packages: Computer ScienceComputer Science (R0)