Soon Apple iPhones will be able to bypass CAPTCHA verification step

Earlier this month, Apple offered a glimpse of what’s coming in its new software updates: iOS 16, watchOS 9, macOS 13, and iPadOS 16 for the election later this year. The beta versions have been made available to registered software professionals of the Apple Developer Program and the public preview version will be released next month.

In the meantime, registered iOS coders are impressed by a lesser-known value-added feature called Private Access Tokens, coming in iOS 16. It ensures that users log in or visit the website faster than other mobile users.

Almost all websites are equipped with a CAPTCHA verification feature to prevent non-human bots developed by malicious parties from accessing the web pages and it mainly aims to prevent Directed Denial of Service (DDoS) attacks.

However, most users find it annoying to waste time understanding and matching the oddly shaped characters, sometimes calculating math problems, and the most common CAPTCHA verification procedure is identifying the block of traffic lights or hydrants in an image. .

Now Apple has teamed up with internet and digital infrastructure providers with Private Access Tokens that provide assurance that a person using certain devices, in this case iPhones or Macs, is a real person and automatically accesses a website or an app.

Apple goes the extra mile to improve user privacy, as CAPTCHAs tend to record the user’s IP address and also use fingerprinting techniques, an online tracking considered more invasive than regular cookie-based tracking. This is done to verify whether a person is real or not and also to create a profile of the user for future CAPTCHA verification. Once a profile is created, the person going to the same website will provide the latter with simpler puzzles and less complexity and improve the user experience.

Must read | Cloudflare-supported Shopify, GitLab and more are experiencing outages in India

And the other pain points of CAPTCHA verification are that it discourages people with disabilities in terms of vision from identifying images or even calculating math. And those who don’t know the English language find it taxing to visit a website.


Flowchart for private access tokens. Credit: Apple

But with Private Access Tokens, Apple devices will block all kinds of tracking, skip CAPTCHA verification and provide direct access to the website or an app.

Private Access Tokens are generated by multiple security permissions, starting with a person opening an iPhone/iPad/Mac with TouchID/Face ID, reopening a website/app with an authentic Apple ID, and launching the code-signed app. All these three processes ensure that the person is real and not a bot.

It’s good that Apple has partnered with Cloudflare and Fastly, who offer their services to most of the online businesses in the world.

As of September, most Apple iPhone and Mac device owners will be able to skip the CAPTCHA verification and access a website or application faster than ever before.
In a related development, Apple, Google, Microsoft and others are working on the FIDO standard for passwordless login on devices next year

Read more | Apple, Google and Microsoft commit to offering a passwordless future

Get the latest on new launches, gadget reviews, apps, cybersecurity and more on personal technology, only on DH Tech.

Leave a Comment

Your email address will not be published.