Recent Findings On Captcha & The User Experience

The opinions on what makes a form or Web application user friendly may vary but most everyone dislikes Captcha fields. Some Captcha’s are so difficult to decipher they actually increase form and page abandonment.

Along with the freedom the Internet provides humans, it is unfortunately humans who also created barriers to our free flow of information. It’s uncanny the amount of search engine marketing money spent to bring people into websites, only to chase them back out because they must prove they are indeed, human.

Spam helped create the need for Captcha. To defend ourselves from the onslaught of unsolicited and unwanted information that comes in the form of blog comments, log in, purchasing tasks and forums discussions, we must first solve a puzzle.

What Is Captcha?

Captcha stands for Completely Automated Public Turing (tests to tell) Computers and Humans Apart.

We commonly see them in the form of letters, sometimes mixed with numbers, which are presented in wavy, bold and italic fonts that try our patience.

You may come upon a registration form that will not accept your information until you solve a math problem like 2 + 7 or answer a question such as “Who was buried in Grant’s tomb?” Images and video are also used for Captcha.

The purpose of Captcha is to find a way to prove that you’re a human being and not a computer with abuse on its agenda. However humble and helpful the original goal, today there is software available to bypass Captcha’s, as well as humans paid to solve Captcha for companies who wish to do harm. Some regular website maintenance now includes regularly changing existing Captcha’s because it doesn’t take long for machines to figure out what sites use what form of Captcha.

Other reasons for wanting Captcha include preventing identity theft and fraud, computer viruses, spyware and hackers, phishing and bogus online transactions. Research shows that simply relying on passwords is not helpful for security because of password dictionaries and the overwhelming tendency to create easy, common passwords.

Do we really need additional help beyond passwords? Yes.

According to various sources such as the CSI, FBI and the Computer Security Institute, the costs of Internet crime and security breaches run in the billions of US dollars. Companies loathe going public with breaches for fear of the negative public reaction and stock market response. No wonder we’re forced to tolerate Captcha’s.

Usability Issues With Captcha

So much effort goes into making secure Captcha’s machines can’t possibly solve, studies show that people can’t solve them either. One of the worst Captcha presentations is when only one option is offered. Should it not be readable or easy to decipher, the form can’t be completed. It’s important to allow your users to refresh the screen until they find one they can understand.

One source noted the average person has between 7 and 25 accounts they log into every day (source). Because of the severity of the lack of trust, companies force users to authenticate who they are. In the course of one day, you may find yourself facing a Captcha field many times.

Other findings from various research include:

• When we presented image Captcha to three different humans, all three agreed only 71% of the time on average.
• Audio Captcha are much harder than image Captcha.
• Some Captcha schemes are clearly harder for humans than others.
• Non-native speakers of English take longer to solve Captcha, and are less accurate on Captcha that include English words.
• Humans become slightly slower and slightly more accurate with age.
• Ph.D.’s are the best at solving audio Captcha.
• Image based Captcha is not accessible to blind users.
• Poor accessibility for Captcha includes those with intellectual and developmental disabilities.
• Splitting the image into regions which each contain a single character, called “segmentation”, and is found to be the most reliable for humans.

• Spammers pay about $0.80 to $1.20 for each 1,000 solved CAPTCHAs to companies employing human solvers in Bangladesh, China, India, and many other developing nations.
• Contrary to the common belief, text-based CAPTCHAs can be difficult for foreigners.
• The use of color in a CAPTCHA can have an impact on its usability, security or both.
• Distortion has a clear impact on the usability of CAPTCHAs. Users find it difficult or impossible to
• recognize over-distorted characters.

Tools To Implement Captcha

For the time being it appears as though we’re forced to live with Captcha.

The following are some suggestions for tools and ways to create your own.

• ReCaptcha (from Google)- https://www.google.com/recaptcha

• How to Create a CAPTCHA Code – https://www.ehow.com/how_7335023_create-captcha-code.html
• Securimage – Free PHP code https://www.phpcaptcha.org/

Captcha confusion may be overlooked when analyzing web site or Internet application performance. We don’t often see a tick box nearby that might alert a site owner that a user could not submit the form because of its Captcha setup.

A wise reader of this column suggested this topic and for good reason. When conversions are at stake, Captcha is worth understanding and investigating to be sure it doesn’t create a negative impact on your site’s success.

Additional Reading:

• Password Authentication from a Human Factors Perspective: Results of a Survey among End-Users; Peter Hoonakker1, Nis Bornoe2 and Pascale Carayon1, 3; 1 Center for Quality and Productivity Improvement, 3 ISyE Department University of Wisconsin-Madison, USA 2 IT University, Copenhagen, Denmark
• How Good are Humans at Solving CAPTCHAs? A Large Scale Evaluation; Elie Bursztein, Steven Bethard, Celine Fabry, John C. Mitchell, Dan Jurafsky
• Data Monday: Login & Passwords; by Luke Wroblewski
• Wikipedia on Captcha
• Usability of CAPTCHAs Or usability issues in CAPTCHA design; Jeff Yan and Ahmad Salah El Ahmad