Graphical security verification systems (also known as CAPTCHA or Turing tests) are being added to web sites on an increasingly frequent basis. In these schemes, the user is presented with a distorted picture of a word or sequence of numbers and is asked to enter the characters into an edit box. The purpose of these tests is to insure that a live human being, not a script running on a computer, is signing up for an account, placing an order or performing any other task for which spammers and other malicious users of Internet resources might pose a substantial security risk. Graphical security verification tests with no accessible alternatives pose a serious threat to the ability of the blind to continue using the Internet. In the case where these tests are used to secure a registration process, they represent a one-time abridgment of a blind person’s right to gain legitimate independent access to the subscription process. When absolutely necessary, a sighted person can act as a reader, providing the blind user with the information that must be entered into the box. In the case where these tests are applied each time a resource is accessed or an order is placed, these tests represent a complete lock out of the blind from using the resource, since a sighted person isn’t going to be available on a second by second basis. These security tests, when they include no reasonable accessible alternatives, represent nothing less than an artificial violation of the rights of the blind as fully living and breathing human beings and first class citizens, possessing all the rights and responsibilities that status entails. Though these tests claim to check for the presence of live human beings, they are really testing only for the presence of sighted humans. Sight is the price of admission and the blind are essentially being told that they need not apply.
Ticketmaster is an example of a company that has forced the blind to the back of the virtual bus, actually forced them off the bus altogether, by means of the implementation of an inaccessible graphical security verification test. This test comes each time one orders tickets, so it represents a complete, constant lock out. This situation is featured in Turned Away at the Virtual Box Office as published in Voice of the Nation’s Blind, an online magazine of the National Federation of the Blind.
There are currently two common solutions implemented by many companies to work around the visual verification process for blind users: playing an audio file of the contents of the picture and speaking with a customer service representative over the phone. The first solution is incomplete as it remains totally inaccessible for those who are also deaf or severely hearing impaired while the second solution is unacceptable, since these customer service telephone numbers tend not to be staffed 24 hours per day and calls are almost never returned in a timely manner.
Since it is critical for visual verification to include an accessible component, it is equally important that reasonable, workable solutions be devised and implemented in a cooperative fashion between the blind community and the mainstream technology industry. Let’s talk about some specific solutions. I’ll start with the aforementioned audio solution as it currently represents the most widely accepted way of providing immediate accessibility to visual verification. After discussing the audio solution, more innovative techniques will be covered.
An audio accessibility solution to visual verification provides a link next to the picture. When the blind user clicks the provided link, an audio file containing the same characters as the picture is played. Just as the characters in the picture are deliberately blurred to defeat automated optical character recognition, the audio file is distorted to prevent automated speech recognition. The distortion of these audio files often makes this solution difficult and sometimes even impossible for the user, especially if there is any auditory distraction or hearing impairment. This solution is also totally useless to someone who happens to be deaf-blind. Two examples of companies that are currently using the audio accessibility solution to visual verification are PayPal and Spam Arrest.
A simple, comprehensive accessibility solution to visual verification might be the use of electronic mail. In this system, the user clicks a link next to the picture and provides their e-mail address. The contents are sent to the user who enters the characters into the box to complete the process. This solution would work for all users, including those who are deaf or hearing impaired. There are a few drawbacks. First, some users might not wish to provide their e-mail address for privacy reasons. Second, it may be possible (though extremely difficult) for an automated script to check the address of the e-mail account, retrieve the verification code and enter it into the box without need of human intervention. Third, since e-mail is considered to be an unreliable postcard type delivery system, this solution might not work for all users, especially if the e-mail containing the verification code can’t be successfully received by the user.
Simple Cognitive Challenge Response
Another comprehensive accessibility solution to visual verification might be to present a simple cognitive challenge. In this system, after clicking the link next to the visual verification, the user would be asked a simple question, such as what is the sum of 10 and 35. Providing the correct answer would allow the user access to the resource. A possible drawback to this solution is the ongoing development of artificial intelligence. Given the allocation of sufficient time and resources, a programmer could write code that might be able to read the questions and provide the correct answers. Asking questions in random formats (sum of 10 and 35 versus 35 plus 10) and use of a vast database of tens or hundreds of thousands of potential questions would serve to make this solution unbreakable to all but the most determined computer scientists.
Automated Telephone Verification
Yet another comprehensive accessible verification solution could be the use of an automated telephone system. After the blind user clicks an appropriately descriptive link next to the typical visual verification, another code is presented along with a telephone number to call. This telephone system would be available for deaf or hearing impaired users by way of TDD support. After calling the telephone number and entering the numeric code supplied on the web page, the telephone system would present the user with the contents of the visual verification process for successful entry into the edit box. This solution can be reasonably protected against compromise, just as are the audio solutions now in use. For the hearing user, the visual verification code is provided in audio format. For the user of a TDD, this information is provided in text that is compatible with such a device. It is highly unlikely that a malicious user is going to own a TDD, so this does not represent a significant compromise. This solution essentially extends current audio verification solutions so that they are accessible to the deaf and hearing impaired while retaining the integrity of the visual verification process, being that it is very difficult or impossible to automate this solution. One drawback would be presented for users of old dial-up Internet connections with only a single telephoneline. Keeping the verification code available in the system for five or ten minutes should enable such a user to disconnect, place the telephone call to retrieve the verification code and reconnect to the Internet to complete the process.
Trusted Assistive Technology
Yet another innovative, comprehensive verification solution could be the provision of the visual verification code in an encrypted form directly to “trusted” assistive technology. Adobe Systems uses this methodology to allow users of screen readers like JAWS access to some kinds of secured PDF documents. The verification code would be encrypted and provided to a screen reader by way of a browser extension or special plug in software. The screen reader could receive, decrypt and provide the code in text form to the user, who could then simply retype it into the edit box exactly as the sighted user does now. Copying and pasting of the code would not be allowed. This solution can’t be easily automated or scripted since it is highly unlikely a malicious user is going to spend hundreds of dollars to purchase a trusted assistive technology product. The inability to copy and paste the verification code would represent a further obstacle to a malicious screen reader user.
A number of innovative solutions to the visual verification test have now been provided. In my estimation, there is absolutely no legitimate reason for any such system to completely lock us out of full participation on the Internet. There will probably be challenges to every solution we offer. No solution, even the visual verification tests themselves, will ever be completely unbreakable. Check out The CAPTCHA Project for examples of ways to break several visual verification tests. As always, your comments are highly encouraged.