Ricerc@Sapienza

This paper presents a novel strategy to implement a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). The aim of these tests is to easily and reliably distinguish between real human users and (malicious) bots. The approach underlying FATCHA is to exploit real time capture of human actions instead of human ability to recognize visual or auditory items. The latter approach explicitly requires proposing a challenge difficult for an automatic responder but easy for a human. However, it is often the case that pursuing the first feature takes to lose the second one. Moreover the user task may be hindered by specific disabilities. According to FATCHA approach the system rather asks the user to carry out some trivial gesture, e.g., rotating or moving the head. The webcam, which is available in almost all computers or mobile devices, captures the user gesture, and the server (hosting the service to protect) matches it with the requested one. It is possible to extend the service with a second module that allows the user to authenticate himself by face recognition instead of using a password. On the contrary, FATCHA gesture challenge can be used as a liveliness test to avoid biometric spoofing. Multimodal interaction is the base for both an advanced Human Interactive Proof (HIP) test and for robust/comfortable authentication. © 2016 Springer Science+Business Media New York