I have just discovered that blind and visually impaired people are not permitted to post comments on the PayPal Blog due to an inaccessible CAPTCHA. This is weird, since an audio CAPTCHA is utilized elsewhere within the E-Bay and PayPal sites.
accessibility
PayPal Security Key: Do Blind People Deserve the Same Level of Security as the Sighted?
Recently, PayPal began offering account holders the ability to use a Security Key as an additional means of protection. The Security Key is a small piece of hardware that connects to the computer’s USB port and displays a sequence of numbers that change every 30 seconds. Once the key is activated, users must supply these numbers in addition to their typical PayPal username and password in order to be granted access. No accessible version of the PayPal Security Key is offered at this time. Though the Security Key is not required, there are a couple of significant concerns.
At this time, use of the Security Key is not required in order to continue using PayPal. One may decide to avoid purchasing and activating the Security Key, while still retaining access to their account. This may seem to represent a mitigating factor, except for one dirty little truth. The availability of the Security Key to only sighted PayPal customers automatically means that blind and visually impaired customers are not afforded the same degree of security! That’s right. While the sighted may now enjoy two-factor, virtually unbreakable authentication, we blind folks are stuck with the traditional username and password approach. This inherently makes the blind more vulnerable to fraud, identity theft, loss of PayPal funds and all manner of other imaginable nastiness. Alas, that’s not all!
While the Security Key is currently an optional enhancement, we can see the day in the near future when PayPal will begin requiring use of this authentication method for all account holders. At that time, blind and visually impaired people will be completely locked out of their PayPal accounts, unless an accessible version of the Security Key is made available. When that happens, PayPal will be giving its blind customers the boot, showing them the tightly barred and locked door featuring the infamous “No Blind People Allowed” sign.
Multifactor authentication is not new to PayPal. It is rapidly extending to the web sites of many banks and other financial institutions. It is absolutely critical that we, as a blind community, begin to effectively address issues of visual CAPTCHA and multifactor authentication before we find ourselves locked out of online participation and even separated from our money! Let’s act now with respect to PayPal! We urge all of you to ask PayPal for information about their intentions toward blind and visually impaired customers with respect to the Security Key. Please post any responses from PayPal as comments to this article.
New Travel Web Site Provides Information Focused on Accessibility for People with Disabilities
Tamas Babinszki reports that he has built a new travel oriented web site that provides information about various points of interest, including hotels, museums and restaurants, from the accessibility perspective of people with disabilities. The CLUEniversal site is organized into a database of clues (Convenient Locations for Universal Enjoyment) contributed directly by users who have firsthand experience visiting the points of interest featured on the site.
Mr. Babinszki writes the following concerning his new project:
I travel quite a bit, and often times I find it very frustrating that when I have a couple of hours between meetings and I plan any activities, I am greatly disappointed, because the sites I visit are not accessible, and I waste the little time I have instead of having done something more interesting. However, you don’t know this until you visit the sites. I could review other sites for user recommendations, but in most of the cases it does not provide enough information for me from the accessibility point of view. For example, a museum can be wonderful, but I would like to know if there is something to touch there or things are behind glass. I would rather pick a less interesting or less famous museum when I know that they have hands-on objects. Also, I’d rather pick a guided tour with many long stops where I have an opportunity to experience the sights, as opposed to a long bus tour where all I have is the tour guide’s explanation, if any.
Therefore, I put together CLUEniversal, a site where people can enter locations, similar to other travel sites. This site, however, is different, because when people enter a new location, they can answer numerous questions about the accessibility of a place. If a restaurant has a Braille menu, if a museum has a guided tour, if the hotel has airport transportation, etc. This way people with disabilities would have a greater chance to find locations which they would enjoy visiting.Â
This site, however, is not built for people with disabilities only. It is primarily designed for all, this is what I stand for, this is what CLUE’s mean. CLUEniversal: Convenient Locations for Universal Enjoyment.
People can choose which questions they do or do not want to answer. Also, once a location (CLUE) is entered, visitors have an option to provide general, and accessibility related ratings and comments.Â
This site is totally free. I believe people should have access to such information free of charge. It is, however, optional to register, I would like to provide incentives for people who contribute the most to the database, which requires an e-mail address and a user name, and only the user name is publicly available.Â
The site is a Beta version. While I have most of the concepts worked out, the database only contains a few items. Also, more categories will be added, together with more questions in order to determine the enjoyment and accessibility level of a location.Â
As of now, I’m looking for people who are willing to test the site, provide more locations and offer suggestions on how to make this site a more useful experience for them.Â
This new site is in the early beta stage. It holds tremendous potential to make travel much more enjoyable for those of us whom happen to be blind or visually impaired. Let’s all give him a hand by adding the points of interest we visit on a regular basis.
Status of Blackberry Accessibility?
It looks like the use of Blackberry devices is going to be implemented where Karen works. We would like to hear from anyone, as soon as possible, who has any experience with alternatives available to make this system accessible.
Visual Verification: Accessible CAPTCHA Options for vBulletin Forums Now and in the Future
vBulletin, a leading provider of online web based forum software, currently features an inaccessible CAPTCHA that provides no reasonable accomodations for blind and visually impaired users. This means that all forums based on vBulletin’s software currently show us the “No Blind People Allowed” sign during the registration process.
At this time, there is one way for forum administrators to work around this barrier. An independent developer has made a RECAPTCHA modification available to licensed vBulletin customers. This modification enables use of the ReCAPTCHA service, which includes an audio version of the CAPTCHA.
A reliable source at vBulletin reports that the upcoming version 3.7 release of the software will provide alternatives to the image verification process in the form of a “simple question” text based CAPTCHA. No date has been given for the 3.7 release at this time.
We ask all vBulletin forum administrators to promptly implement the ReCAPTCHA modification now and to utilize the text based CAPTCHA upon the release of version 3.7. Please make these straightforward modifications to your forums so that the blind and visually impaired will be allowed full participation.
Visual Verification: Urgent Request to Test Browser Compatibility with Audio CAPTCHA Implementations
Recently, we have discovered a rather disturbing trend. Even in cases where sites do provide us with an audio CAPTCHA, it does not always work. In many scenarios, no audio is heard at all! The ability to hear these audio CAPTCHAs often depends on which browser (Firefox or Internet Explorer) and which version of that browser is in use. It is absolutely critical for us to collect some test data in an attempt to resolve this issue in an effective manner. Please follow these steps and report your results as indicated:
- Visit Digg – register and attempt to solve the audio CAPTCHA.
- Were you able to hear the audio? Please note the answer to this question.
- Please indicate the name and version of the web browser in use when attempting to solve this audio CAPTCHA (Firefox 2.0, Internet Explorer 7.0).
- Please indicate the name and version of the screen reader in use (JAWS 8.0, System Access 2.3, Window-Eyes 6.1).
- Visit What is reCAPTCHA? and attempt to solve the audio CAPTCHA.
- Were you able to hear the audio? Please note the answer to this question.
- Please indicate the name and version of the web browser in use when attempting to solve this audio CAPTCHA (Firefox 2.0, Internet Explorer 7.0).
- Please indicate the name and version of the screen reader in use (JAWS 8.0, System Access 2.3, Window-Eyes 6.1).
Please provide your test results, along with any potentially helpful additional details, in comments to this blog post. Your active participation in this testing is absolutely critical in order to make sure that the audio CAPTCHA solutions we get are actually workable for the vast majority of blind and visually impaired computer users.
American Council of the Blind (ACB) Resolution 07-21 on CAPTCHA Accessibility
R07-21 Captcha
- WHEREAS, proprietors of websites have found it necessary to use graphical image verification (CAPTCHA) to enhance website security and to ensure consumer privacy; and
- Whereas, the use of CAPTCHA on websites has recently increased for purposes relating to identity verification; and
- Whereas the images and codes that are used for CAPTCHA are inaccessible to people who are blind and visually impaired; and
- Whereas, title III of the Americans with Disabilities Act (ADA) which addresses the obligation of places of public accommodation to make their goods and services accessible to people with disabilities has not been consistently applied to websites;
Now therefore, be it resolved by the American Council of the Blind, in convention assembled, this 6th day of July, 2007, at the Hyatt Regency Hotel, Minneapolis, Minnesota, that this organization strongly urges the United States Department of Justice to apply Title III of the Americans with Disabilities Act  to website proprietors who deny access to their websites by users who are blind and visually impaired, through use of inaccessible CAPTCHA and to establish appropriate enforcement mechanisms that assure compliance with web access guidelines by website proprietors.
Be it further resolved that officers, directors and staff of ACB are directed to engage in consultation and to provide technical assistance to website designers, and standard-setting bodies to ameliorate the current egregious barriers to web access caused by current applications of CAPTCHA.
Visual Verification: THaCAA – Telling Humans and Computers Apart Automatically
As we already know, there are more options besides audio and visual CAPTCHA that may be used to tell the difference between computers and humans. The open source project THaCAA – Telling Humans and Computers Apart Automatically represents another way to protect valuable web site resources without excluding anyone based on sensory factors such as hearing or sight.
Visual Verification: CAPTCHA Accessibility and the Yahoo! Petition Discussed in Depth on Security Now Podcast
We thank Leo Laporte and Steve Gibson for reading an e-mail I sent them concerning the need for CAPTCHA accessibility on episode 102 of their Security Now! podcast and discussing it in depth. This show even has an excellent transcript that serves to meet the needs of the deaf or those who would just rather read instead of listen. This is exactly the kind of positive exposure we need to seek for the CAPTCHA accessibility issue on a much more frequent basis. Let’s all sign the Yahoo! Accessibility Improvement Petition and take all possible actions to spread the word as far and wide as possible!
The Subtle Differences Online Petitions Can Make in Accessibility Advocacy Issues
As I continue to promote the Yahoo! Accessibility Improvement Petition initiative, I receive occasional private and public comments from those who wonder whether these online petitions really can make a difference or just represent a waste of everyone’s time. Of course, I feel they can serve to effectively support taking positive action on the accessibility issue in question, even when the differences made are subtle.
It has been my experience that the following positive things happen when an online petition is initiated and widely disseminated:
- The petition acts as a single rallying point within the blind community around which debate and discussion takes place.
- It is easier to convince blind and sighted people to show their support for the needed accessibility accomodation by signing a simple petition than it is to ask them to take more complex actions such as those involved in traditional letter writing campaigns.
- Individuals, organizations and even the media will, sometimes, take their own initiative, asking questions of the company being petitioned.
- The costs for organizing, promoting and bringing an online petition to its ultimate conclusion are quite low, even fitting within the budget of one blind couple not receiving any other means of financial support for such activities.
- People who sign the petition often add comments, which can also serve as testimonial evidence explaining the reasons why the requested action is needed. Many signers of the Yahoo! Accessibility Improvement Petition, for instance, are telling the world that the company’s representatives usually do not answer requests from blind and visually impaired people for assistance with the features protected by the visual CAPTCHA.
Are online petitions the right path to the promised land of resolving all accessibility issues? I’m absolutely sure they are not! Instead, they can represent a good first step in the process. The Google Word Verification Accessibility Petition garnered almost 5,000 signatures. Did it make a difference? Did the decision-makers at Google consider 4,725 signers sufficient representation of support to warrant creating the audio word verification scheme that now permits most blind and visually impaired people admission to all Google services? We just do not have these answers. Some tell me the petition made a difference, while others tell me it did not. The petition did evoke discussion of the CAPTCHA issue inside and outside the blind community, thousands of blind and sighted people indicated their support by signing and the concerns of the blind regarding the harm caused by the lock out imposed by visual CAPTCHA were raised effectively and repeatedly in the sighted world. The point is, we did something. We asked Google to make their visual verification more accessible to the blind, and it happened! The petition was open for only four months when Google roled out its audio CAPTCHA. The point isn’t the number of signatures on the petition or, even, whether the petition made the ultimate difference. It may have worked together with a couple of other efforts at contacting Google executives concerning the issue. In any case, we won our right to access Google, educated the public about the pitfalls of visual only CAPTCHA and may have ultimately helped to increase the availability of accessible web sites as well as commercial and free tools including audio or text based CAPTCHA for use by developers! Whether direct or indirect, isn’t that a great accomplishment for a grassroots advocacy effort?
It is time for all of us to get the job done once again! Right now, the Yahoo Accessibility Improvement Petition has 609 signatures. Reliable sources tell me that decision-makers at Yahoo! are already aware of the existence of this petition, and that implementation of an audio CAPTCHA is now being considered. The question is apparently one of priorities. The company’s unworkable scheme has been in existance for five years now. Let’s not allow this lock out to continue for another five years or longer! Yahoo! is watching us! Let’s all sign this petition right away, get our family and friends to do likewise and publicize this initiative as effectively as possible! Please feel free to contact me with any questions regarding this critical accessibility evangelism campaign.