1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Proton builds its very own privacy-first CAPTCHA system

    From TechnologyDaily@1337:1/100 to All on Fri Sep 29 15:30:05 2023
    Proton builds its very own privacy-first CAPTCHA system

    Date:
    Fri, 29 Sep 2023 15:07:21 +0000

    Description:
    The cybersecurity firm describes it as "the world's first" censorship-resistant CAPTCHA that can access its VPN and email where blocked. Here's all you need to know.

    FULL STORY ======================================================================

    The cybersecurity firm behind the popular encrypted email and VPN service has just unveiled its very own secure CAPTCHA service.

    Proton CAPTCHA solves issues within existing systems that website providers use to discern between genuine login attempts and malicious bots. The new technology claims to never compromise privacy, security, and accessibility, while describing itself as "the world's first" CAPTCHA with built-in censorship-resistant technologies.

    This isn't the first time the company behind ProtonVPN and ProtonMail has
    gone the extra mile to protect its customers. Just a month ago, for example, it launched Proton Sentinel to offer increased protection to users at higher risk of cyberattacks. Fixing CAPTCHA issues

    Short for "Completely Automated Public Turing test to tell Computers and Humans Apart," there are many CAPTCHAs systems out there that websites
    utilize to protect users from bot and spam attacks. However, Proton wasn't satisfied with existing solutions as it felt they were not aligned with its company's values.

    "Captchas are an incredibly important tool to protect users against increasingly sophisticated attacks. However, most Captchas are not privacy first and can divulge users sensitive information to internet giants," Eamonn Maguire, Head of Account Security at Proton, told us.

    He explained that in order to function, many CAPTCHAs retain a permanent record of users' phone or computer unique identifiers. This allows them to track their activities across the web, collecting more data that might be
    used to train the company or a third-party AI system. Chat-GPT and similar apps are also making common CAPTCHAs obsolete, seeing as the software can easily crack the puzzles.

    For this reason, and to promote better usability, tech giants like Apple and Cloudflare are switching from the classic CAPTCHA puzzle to alternative mechanisms, such as device performance and telemetry data. Yet, for Proton, this was still just a patchwork solution.

    "Thats why we developed Proton Captcha, a new system that can adeptly balance security with usability, accessibility, and privacy that can evolve in tandem with the shifting tactics of malicious actors," said Maguire. (Image credit: Proton)

    Proton CAPTCHA takes a multi-layered defense approach , combining a computational proof of work with visual challenges to determine if the login attempt comes from a genuine human. At the time of writing, the latter includes a beam alignment challenge and an intuitive 2D puzzle. The system also offers accessible alternatives for users with visual impairments.

    Proton proof of work also differs from other CAPTCHA offering something similar, as the system adapts the difficulty of the task if it records suspicious behaviors. In practical terms, even if a bot can bypass the
    initial proof of work, after struggling with the visual challenges, it will
    be met with increasingly complex computations. Proton's privacy-first ecosystem

    Proton's security suite keeps growing as new cyber threats arise. It now includes its VPN ( ProtonVPN ), ProtonMail , Proton Drive , Proton Calendar , and Proton Pass .

    Proton CAPTCHA promises to take a privacy-first approach thats fully GDPR compliant.

    It also claims to be the first system ever to support anti-censorship technologies , which can be activated directly from Proton's website and apps to grant users access to places like Russia and Iran where its services are often blocked.

    On this point, Maguire told us: "By developing our own solution, we have
    built a CAPTCHA that navigates such issues when alternative routing is turned on whilst still working normally for those who dont need anti-censorship tools."

    This is the most recent tool within Proton's continuous commitment to users' online safety and internet freedom. The company assures more innovation will arise in this space as new CAPTCHA threats evolve. Third parties caring for users' privacy might also be able to use Proton's system via an API in the futurethere are no plans in this direction just yet, though.

    "However, we are assessing third party interest in the system," Maguire told TechRadar. "If we receive a large amount of interest and opening it up makes economic sense, then we would be open to making it available to third parties."



    ======================================================================
    Link to news story: https://www.techradar.com/pro/vpn/proton-builds-its-very-own-privacy-first-cap tcha-system


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)