Facebook’s Social Captcha Nightmare
Facebook announced today that they would be using their own social captchas to authenticate that humans are logging in. In situations where the platform security identifies a possible bot or hack instead of seeing a traditional captcha of words or characters, the user will see a picture of a friend that they will have to identify.
There are a number of debatable challenges with this strategy that could make this tactic entirely ineffective including these two obvious reasons:
- Personally I know a lot of people and Im probably an average facebook user with around 300 friends. These “friends” are people who I just add when I come across them and may not actively engage with them. Based on the distorted photos or other photos I have seen I would have trouble identifying some of the “friends” that may appear as their social captcha, nor do I want to.
- Most importantly, I’m ok with my friends seeing pictures of myself when they are Facebook, but I don’t want random pictures of me just popping up when someone is logging into their account. Call me paranoid, call it privacy concerns, but it just doesn’t sit well with me. I always look at Facebook’s privacy settings to make sure who can see what, but how many users do that? From my own quick test, not many.
Facebook seems to have its hands full of challenges with Web Fraud Detection but, there has to be a better way to address this. I also applaud Facebooks effort to secure all of our personal information but, this doesn’t seem like the best solution. Anyone know who we should talk to at Facebook to show them NuCaptcha? After all, not everything needs to be social…..
