A browser standard to distinguish bots from real humans, respecting their privacy for public websites
In the past, detecting humans vs. bots wasn’t privacy-friendly. For instance, if we used reCaptcha in a website, Google could track your visitor preferences. This is not healthy for their privacy.On the other hand, technologies like hCaptcha appeared as a direct replacement for reCaptcha respecting privacy. Still, the user experience wasn’t that great since it required solving the hCaptcha challenge and repeat it for each site they visit.But, is there a way where we could avoid all these hassles and detect humans without privacy breaches?
So what if there is a way to bypass CAPTCHA?
Privacy Pass, an open-source web extension, was the step towards the right direction, keeping privacy at its core. It helps to bypass CAPTCHA challenge repetition by using a set of Tokens/Passes. Let’s look at how it works.
- Users have to download the Privacy Pass extension for Chrome/Firefox web browser. You can see the Privacy Pass icon.Visit the CAPTCHA website and answer the CAPTCHA challenge, which grants 30 Tokens/Passes.These tokens are stored in the extension for future use.
The concept is simple when the user visit’s another page, the Privacy Pass extension issue these Token/Passes. And the great thing here is that each of these Token/Passes goes through a cryptographic process known as “blinding” that shields users’ privacy.You can refer to the Latest Version of the Privacy Pass Protocol for more information.But, you might wonder whether there is any standard way of achieving the same that the browsers natively support (not using browser extensions)?
#captcha #javascript #privacy #api
