Serious Discussion Proton builds its very own privacy-first CAPTCHA system

[vtqhtr413]

The cybersecurity firm behind the popular encrypted email and VPN service has just unveiled its very own secure CAPTCHA service. Proton CAPTCHA solves issues within existing systems that website providers use to discern between genuine login attempts and malicious bots. The new technology claims to never compromise privacy, security, and accessibility, while describing itself as "the world's first" CAPTCHA with built-in censorship-resistant technologies. Short for "Completely Automated Public Turing test to tell Computers and Humans Apart," there are many CAPTCHAs systems out there that websites utilize to protect users from bot and spam attacks. However, Proton wasn't satisfied with existing solutions as it felt they were not aligned with its company's values.

Proton CAPTCHA takes a multi-layered defense approach, combining a computational proof of work with visual challenges to determine if the login attempt comes from a genuine human. At the time of writing, the latter includes a beam alignment challenge and an intuitive 2D puzzle. The system also offers accessible alternatives for users with visual impairments. Proton proof of work also differs from other CAPTCHA offering something similar, as the system adapts the difficulty of the task if it records suspicious behaviors. In practical terms, even if a bot can bypass the initial proof of work, after struggling with the visual challenges, it will be met with increasingly complex computations.

Proton builds its very own privacy-first CAPTCHA system

The cybersecurity firm describes it as "the world's first" censorship-resistant CAPTCHA

www.techradar.com

 

[Ink]

Official blog post - Introducing Proton CAPTCHA | Proton

Our system offers the following features:

• Built with a privacy-first approach that’s fully GDPR compliant
• Mobile friendly
• No third-party services
• Support for alternative routing, allowing access to those in restricted countries
• Multiple defenses:
  1. Proof of work: Computational challenges with adjustable difficulty.
  2. Visual challenges: Multiple visual challenges, including our CERN-inspired particle collision challenge.
  3. Privacy-preserving bot detection
• Support for the visually impaired

Proton CAPTCHA has already been served to millions of users over the past months, with 100% of sign-up and login CAPTCHAs now using our in-house solution.

However, this is only the start of the journey. Our goal is to provide a CAPTCHA that is accessible, usable, privacy-preserving, and secure against even the most advanced threats. As such, you can expect to see more innovation in this space, with the goal being to reduce the burden of CAPTCHA for real users while making it hard for attackers to abuse our services.

We look forward to hearing your feedback and suggestions! In the future, we may also consider making it available for third-parties who care about privacy via an API. To find out more, you can contact us at enterprise@proton.me.