1

If software can be built to recognize faces and match those faces to names, then how is that CAPTCHA works? Recognizing letters seems a lot easier than matching faces.

Ryan
  • 1,439
  • 2
  • 10
  • 10
  • 1
    because facial recognition isn't perfect either, – ratchet freak Aug 28 '14 at 22:56
  • Do you mean facial recognition as in "that's a face" or "that is person X from my database"? The two are very different problems. – Móż Aug 29 '14 at 01:41
  • That is person X from my database. Associating a picture with a person – Ryan Aug 29 '14 at 01:45
  • 1
    [Sharing your research helps everyone](http://meta.programmers.stackexchange.com/questions/6559/why-is-research-important). Tell us what you've tried and why it didn’t meet your needs. This demonstrates that you’ve taken the time to try to help yourself, it saves us from reiterating obvious answers, and most of all it helps you get a more specific and relevant answer. Also see [ask] – gnat Aug 29 '14 at 06:10
  • 1
    I think both of your premises are false. Consider a name change ;) – JeffO Aug 29 '14 at 13:40
  • face recognition software usually fails to recognize a distorted face – alo Malbarez Mar 07 '19 at 23:27

2 Answers2

8

Captcha doesn't always work; hackers use ever more sophisticated techniques to try and defeat it. In response, Captcha systems distort the letters in some way to confound those techniques, either by twisting the letters, putting a line through them, reversing the background and foreground colors randomly, and so on.

enter image description here

This relies on the human's ability to still read the words in the presence of a lot of noise, a quality most OCR algorithms do not have.

In other words, Captcha works because we can obfuscate it in ways that makes it difficult for a computer to solve. The same principle applies to any sort of computing security apparatus: we seek to find ways to secure content that are easy for humans to use, but hard for computers to reverse-engineer. We are not always 100 percent successful in that regard.

Facial recognition doesn't always work either. Despite the implication in your question that computers are better at it, the same problems that face Captcha solving algorithms also apply to facial recognition software: you still need a good candidate image, the process can be confounded by shadows, etc.

Note that Captchas don't have to be perfect. The most trivial of Captchas still eliminate 90 to 95 percent of the spammers; the good ones eliminate 99 percent. It's not about keeping everyone out; it's about closing the door so that not any Tom, Dick or Harry can just walk through the doorway without some sort of challenge.

Ultimately, most spammers are lazy, and aren't really in the business of writing sophisticated software algorithms to defeat Captcha's, unless the potential payoff is especially great. They're after the low-hanging fruit.

Glorfindel
  • 3,137
  • 6
  • 25
  • 33
Robert Harvey
  • 198,589
  • 55
  • 464
  • 673
  • 1
    note that even the simplest captchas also defeat some people, and it's obviously difficult to make ones that humans can recognise but computers can't. I've been defeated by the tiny curvy letters with dots ones before (as in "too many attempts, you lose"). FWIW google's ones seem to be deliberately easier if you use Chrome rather than a non-google browser. – Móż Aug 29 '14 at 01:40
1

It all comes down to recognizing patterns. Facial recognition works by recognizing patterns (distance ratios) of facial features, as well as shadows. These ratios are looked up in a database to try and match an actual face - this isn't flawless however and can bring up false positives.

CAPTCHAs and reCAPTCHAs use distortions to muddle recognizable patterns of letters and numbers, to make it difficult for OCR algorithms to understand them.

occasionalDev
  • 81
  • 3