You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for putting this together, I've been hearing about this research from Dr.Scott and it's great to finally have it in writing.
Google's ReCAPTCHA (Anecdotally seen as the "Best" option for CAPTCHA) was touched on in this draft, and one note was that there was no definite research if it is the best CAPTCHA. I would like to see more research to determine if it actually is the best option in every scenario, but I do have some additional concerns about ReCAPTCHA that wasn't mentioned.
Google's ReCAPTCHA of course has characteristics similar to other inaccessible CAPTCHA's which can make it inaccessible, but Google's ReCAPTCHA has some additional concerns:
How can it tell from an assistive technology user and a robot?
Some users may use a keyboard to navigate the website and therefore will not rely on mouse movement, I have a theory that this could make Google ReCAPTCHA flag assistive technology users as a robot, assuming that robots navigate in a similar manner to a keyboard-only user. Has there been any research as to how robots actually interact with a website, and whether or not this is could be confused with someone with a disability?
This would be particularly bad as it would mean assistive technologies users are more likely to receive the inaccessible CAPTCHA rather than the nice and easy checkbox.
Privacy
The draft says that Google ReCAPTCHA will look through heuristics to figure out if someone is a human or not (such as browser history). Doesn't this present a privacy issue which could be added as another reason why Google's ReCAPTCHA has some concerns? Privacy is mentioned when discussing Public-key infrastructure solutions but how Google ReCAPTCHA does things is just as concerning.
Cheers,
Matthew Putland
The text was updated successfully, but these errors were encountered:
The draft says that Google ReCAPTCHA will look through heuristics to figure out if someone is a human or not (such as browser history). Doesn't this present a privacy issue which could be added as another reason why Google's ReCAPTCHA has some concerns? Privacy is mentioned when discussing Public-key infrastructure solutions but how Google ReCAPTCHA does things is just as concerning.>
This is a really good point, and one that deserves more investigation. There are several things happening at the moment, that will make disability fingerprinting a common thing on the web (it's already possible in native apps on mobile devices). This is a huge concern.
Hi Scott, Janina and Michael,
Thanks for putting this together, I've been hearing about this research from Dr.Scott and it's great to finally have it in writing.
Google's ReCAPTCHA (Anecdotally seen as the "Best" option for CAPTCHA) was touched on in this draft, and one note was that there was no definite research if it is the best CAPTCHA. I would like to see more research to determine if it actually is the best option in every scenario, but I do have some additional concerns about ReCAPTCHA that wasn't mentioned.
Google's ReCAPTCHA of course has characteristics similar to other inaccessible CAPTCHA's which can make it inaccessible, but Google's ReCAPTCHA has some additional concerns:
Some users may use a keyboard to navigate the website and therefore will not rely on mouse movement, I have a theory that this could make Google ReCAPTCHA flag assistive technology users as a robot, assuming that robots navigate in a similar manner to a keyboard-only user. Has there been any research as to how robots actually interact with a website, and whether or not this is could be confused with someone with a disability?
This would be particularly bad as it would mean assistive technologies users are more likely to receive the inaccessible CAPTCHA rather than the nice and easy checkbox.
The draft says that Google ReCAPTCHA will look through heuristics to figure out if someone is a human or not (such as browser history). Doesn't this present a privacy issue which could be added as another reason why Google's ReCAPTCHA has some concerns? Privacy is mentioned when discussing Public-key infrastructure solutions but how Google ReCAPTCHA does things is just as concerning.
Cheers,
Matthew Putland
The text was updated successfully, but these errors were encountered: