Did Apple just kill the dreaded CAPTCHA?
An acronym for Completely Automated Public Turing test to tell Computers and Humans Apart (seriously), CAPTCHA is the annoying thing you see on many websites that challenges you to prove you’re human, from clicking a box to figuring out some random puzzle, which usually ends up being “click all the pictures that have buses”…and there’s always one pic that may or may not fit that description. Besides forcing you to pass a test, CAPTCHAs aren’t always secure.
As AppleInsider noted, the tech giant demoed technology at this month’s WWDC 2022 called Private Access Tokens that could replace those dreaded challenge-response tests. Private Access Tokens (PAT) can prove when an HTTP request is being made by a human, but don’t require said human to actually do anything. Instead, in the background, the computer will use cryptography to verify a client through an attester (for this example, Apple), which can recognize if your device is “following typical user patterns” or not. These tokens are single-use and supposedly the information shared is limited.
For now, these tokens require a device running iOS 16 or macOS Ventura or later with an Apple ID signed in. So users coming from a Windows or Android device may still need to decode some blurry pics of buses to securely sign into some websites.
Thanks for reading InsideHook. Sign up for our daily newsletter and be in the know.