← All stories
● Covered by 1 source Β· 1 reportMedium impact

Google tests webcam-based reCAPTCHA that can be bypassed with stock photos

Aggregated by BrevFeed security Β· updated 6h ago
πŸ”– Save

Google is trialing a webcam-based reCAPTCHA that requires users to show hand gestures. However, testers quickly circumvented it using stock photos, highlighting potential weaknesses in its implementation.

Key points

Overview of the New reCAPTCHA

Google is testing a new method for its reCAPTCHA system that requires users to use their webcam to perform hand gestures. This experimental feature is part of Google Cloud Fraud Defense and aims to enhance security against threats like automated account creation.

How the Hand Gesture Check Works

When the reCAPTCHA is triggered, the browser requests camera access to capture a user's hand movement. The system maps 21 points on the hand to ensure a real person is present. Google claims to delete the footage post-verification and assures users that data is not tied to their identities.

Challenges with Efficacy

Despite Google's intentions, the new system was quickly bypassed using a stock image of a hand fed through a virtual camera. Testers managed to pass the verification without any live interaction, raising questions about the effectiveness of the hand gesture check.

Implications for User Experience and Security

The gesture recognition method adds an additional layer to the existing CAPTCHA challenges but may lead to frustrations for genuine users. The test results suggest that the new method could introduce more complexity without significantly improving security from automated attacks.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Reporting from

Google is trialing a webcam-based reCAPTCHA that requires users to show hand gestures. However, testers quickly circumvented it using stock photos, highlighting potential weaknesses in its implementation.