QR Captcha

QR Captcha

Alternative Solution for Captcha for Visually Impaired People i.e. QR Captcha

Jyoti Yadav

Student B.Tech, Computer Science Engineering. , A.D.G.I.T.M Delhi, India.

Yash Aggarwal

Student B.Tech, Computer Science Engineering. , A.D.G.I.T.M, Delhi, India.

Vaishali Goel

Assistant Professor, Department of Computer Science Engineering. , A.D.G.I.T.M (Formerly Northern India Engineering College)

Delhi, India

AbstractCaptchas are usually found as distorted text images, algebraic calculations or noisy audio messages. Our idea doesn't aim to verify humans only by actions that only a human performs, we provide an OTP based QR code scanner that fetches encrypted OTP hidden in QR and decrypts it using a specific key(unique for every client) and shows to the user. This not only verifies users as a human but it also prevents decrypted OTP access from bots. The idea is based on the fact that it is not dependent on human sensory abilities.

KeywordsCaptcha, BOT, QR Code, Human Computer Interactions, Authentication .

1. INTRODUCTION

   It is evident from years of research available online that Captchas are still far away from the notion of a completely secure solution to identify the user as a human. If somehow we are able to remove bots, crawlers and even spammers from the equation then there will be no need for captcha at all. There are a number of researches done till now for the search of best captcha but all of them have some flaws in them and if not then they are not suitable for visually impaired people .To overcome this issue we propose an alternative solution i.e. QR captcha which is another extension to them and this QR Captcha is designed in a way which is also suitable for visually impaired people.

2. VARIOUS KINDS OF CAPTCHA

   1. Search For Best Captcha

      There are certain parameters, which would classify one particular captcha as best captcha and these are:

      • Tasks which are only performed by user not computers.

      • Task which is quick for user to perform and nearly impossible for a computer to be done.

      • Minimize any loopholes if there were any.

      • Task which are accessible for every user to perform even for persons with disability.

   2. Most Popular Captcha Available

      1. Text Recognition Certainly the most widely used captcha in its initial stage, in which a

         distorted image is shown and the user needs to enter the distorted text correctly in the box provided.

         Figure :1 (Text Recognition Captcha)

      2. Logic Questions The idea behind launching them was that some people believe that answering logical questions would be easier than performing visual tasks. They have around 180 million basic logical questions such as:

         What is twenty three as digit?

         Which number is lower among 2, 5, 6?

         These questions are designed keeping in mind the intelligence of a 7 years old kid. They are far more accessible than the previous captcha but it has its own disadvantage and the main drawback of this is computer can still break this.

         Figure : 2 (Logic Questions Captcha)

      3. Image Recognition In the evolving world of captcha many have also experimented with images they started in which a image of some known animal has to be entered in the box

         provided. Microsoft also used Assira Project to search images. But it doesnt seem to be seen widely because it didnt improve usability instead of that it jeopardizes accessibility. Hence it is not the most famous or long running type of captcha.

         Figure : 3 (Image Recognition Captcha)

      4. Friend Recognition A more interesting method is friend recognition which appeared in 2011 first time which is an efficient effort by social media giant FACEBOOK. In this a picture of your friend is shown from the friend list on your Facebook account and you have to enter the name of that friend, But the biggest disadvantage of this method is very much clear to everyone i.e. we dont knew the name of every person in our friend list, hence this method is also not good to terminate our search of a perfect captcha.

         Figure : 4 (Friend Recognition Captcha)

      5. User Interaction Another method which grabs a lot of attention was user interaction in this a user needs to perform certain tasks and make the captcha authentication process a bit interactive. They uses a slider option in which user needs to

      perform the slider task for authentication, But this method fails for persons with special needs.

      Figure : 5 (User Interaction Captcha)

3. A NEW EFFORT- QR CAPTCHA

As we already see that there were a lot of research have been done in search of a perfect captcha but none of them suits the needs of secure captcha authentication, perfectly. So we have designed a new method which can be equally suitable for visually impaired people. In our method a user needs to scan the QR code provided at the time of login with any scanning mobile application. Since it is a two way encryption task so the security risks are minimized very efficiently. We have tried to build something new which covers all the four points described above in this paper.

Figure : 6 (Idea Prototype)

The idea behind the QR captcha is to generate a unique secret key for any new user, respond the client with a token in the form of a QR code and add mobile device as an intermediary to perform the action of validation instead of a human but still require human intervention.

As the idea prototype picture describes the idea behind the QR captcha it is quite clear now that how actually we assemble it. The final product of our product has been shown in pictures below:

Figure : 7 (QR Code Authentication)

Figure : 8 (Final Project Image (a))

Figure : 9 (Final Project Image (b))

Figure : 10 (Final Project Image (c))

1. Drawbacks

   The one drawback of using this QR captcha is that you need a mobile phone to access the login page. Which is also not a major problem we can prove our point by showing some statistics :

   Figure : 11 (Internet Usage Statistics)

   This is the latest 2020 statistics report published on broadband.net website. The above figure clearly depicts that the number of mobile users are certainly high as compared to the desktop users so this wont be a major problem about our idea of implementing QR Captcha.

2. Future Scope

We have included all the details related to our project in making and innovating something new which can become a small contribution towards evolving new technologies. If anyone feels like making any new inclusions in this they are open to do so all the progressions made in this project are welcomed freely without any restrictions. Everyone is allowed to make use of this paper and take some help if they wanted to dig further inside world of captcha in doing bot protection and eliminating crawlers from this equation because that is the only way possible to remove bot attacks and make a safer environment for using internet more securely.

We are also planning to extend this idea and make it more user friendly by developing a custom mobile application which can guide it's user to the QR code on the screen and scan the QR code more easily which will help the working of QR Captcha more efficient and quick for user.

ACKNOWLEDGEMENT

No Great work was ever done without the effective guidance of some really experienced and professional guide. And it is not hard to conclude that how positive asistance from our professor helped us in completing this research paper. We would like to thank our college professor for active guidance throughout the completion of the project.

Also we are thankful to each one of them who are not mentioned here but the helped us indirectly in completing this research paper.

CONCLUSION

In this research paper we have shown al the previous existing methods of captcha authentications we make a step ahead in this discussion and tried to innovate something new to make the whole process of authentication a bit more secure. So came with a solution in form of QR Captcha which have its own drawback but they are not much significant and we can easy dealt with it also they wont raise any security concerns which are a major drawback of previously used CAPTCHAS.

REFERENCES

CSAktiveSpace project homepage: http://triplestore.aktors.org/demo/AKTiveSpace/ [last accessed 25/04/05]

CSAktiveSpace project homepage: http://triplestore.aktors.org/demo/AKTiveSpace/ [last accessed 25/04/05]

1. Broadband.net for using images.

2. H.S. Baird and K. Popat, "Human Interactive Proofs and DocumentImage Analysis," Proceedings of the 5th IAPR International Workshop on Document Analysis Systems, Princeton, LNCS 2423, 2002, pp. 507- 518.

3. David Bushell "In Search Of Best CAPTCHA, Smashing Magzine , 2013, pp. 36-42, 2013.

4. Chandavale, A.A., Sapkal A.M and Jalnekar, R.M.Algorithm to break visual CAPTCHA Emerging Trends in Engineering and Technology (ICETET), 2009 2nd International Conference, 10.1109/ICETET.2009.24

5. Ahn, L. von, Blum, M., Hopper, N. J., & Langford, J., (2003), CAPTCHA: Using hard AI problems for security, Proceedings of Eurocrypt 2003. Mukta Rao and Nipur Singh Random Handwritten CAPTCHA: Web Security with a Difference I.J. Information Technology and Computer Science, 2012, 9, 53-58 Published Online August 2012 in MECS (http://www.mecs- press.org/) DOI: 10.5815/ijitcs.2012.09.07

6. Panda Security "What Is Captcha?, Smashing Magzine , 2013, pp. 36-42, 2013

7. Monica Chew and J. D. Tygar Image Recognition CAPTCHAs In Proceedings of the 7th International Information Security Conference (ISC 2004), Springer, September 2004, pp. 268-279.

8. Shirali-Shahreza. M and Shirali-Shahreza. S Motion CAPTCHA Human System Interactions, 2008 Conference DOI:10.1109/HSI.2008.4581589.

9. NitishaPayal, Nidhi Chaudhary, Parma NandAstya JigCAPTCHA: An Advanced Image-Based CAPTCHA Integrated with Jigsaw Piece Puzzle using AJAX International Journal of Soft Computing and Engineering (IJSCE) ISSN: 2231-2307, Volume-2, Issue-5,

   November

10. V. Premanand, A. Meipppane, V. Arulalan, V. Arulalan"Survey on CAPTCHA and its Techniques for BOT protection , Smashing Magazine , 2015 International Journal Of Computer Applications 109(5):1-4