• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

Mobile ID World

Mobile ID World

Identification Revolution

  • Mobile ID
    • What Is Mobile ID?
    • Identity Associations
    • Premier Partners
    • FAQ
  • News
  • Solutions
    • Behavioral
    • Facial Recognition
    • Fingerprint Biometrics
    • Iris Biometrics
    • Second Factor
    • Smart Cards
    • Smartphones
    • Vital
    • Voice
    • Wearable Tech
    • Other
  • Applications
    • Access Control
    • Cloud Technology
    • Commerce
    • Enterprise
    • Healthcare
    • Identification
    • Internet of Things
    • Law Enforcement
    • Strong Online Authentication
  • Exclusive
    • Interviews
    • Featured Articles
    • Podcasts
  • Companies
  • Events

Aiming Beyond Passwordless Authentication, Apple Seeks to Kill the CAPTCHA

June 22, 2022

Once the next iOS operating system gets rolled out, Apple users may never need to identify a boat again, thanks to a new security feature. Apple has found a way to eliminate the need for CAPTCHA authentication.

Aiming Beyond Passwordless Authentication, Apple Seeks to Kill the CAPTCHA

We’ve all encountered CAPTCHAs – an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”. In order to weed out bots, CAPTCHAs ask users to prove that they are real humans by typing in the number or letters presented in an image, or by selecting the images in a given set that contain a certain object, such as a boat.

It’s a useful security tool, but it’s a high-friction one that can seriously disrupt the user experience. Many simply find these exercises annoying.

Apple’s solution, revealed at the company’s recent Worldwide Developers Conference, would use the company’s iCloud platform to bypass CAPTCHAs on the web and in apps. It would do so using Private Access Tokens, or PATs: essentially, a server would ask an Apple device for a token using the HTTP PrivateToken authentication method, and iCloud’s attestor system would respond by getting a certificate from the device’s Secure Enclave and passing it along.

The requesting server would not receive any particular information about the end user, but would instead trust Apple’s attestor that it really is a bona fide human at the other end.

The solution further illustrates Apple’s focus on sophisticated, user-friendly security solutions for its users, arriving alongside the company’s announcement of its trailblazing Passkeys solution at the same WWDC event. Passkeys are designed to store a unique code for each of a user’s online accounts on their device, which can be unlocked using Apple’s biometric authentication systems. They’re highly secure, yet can deliver a better user experience by eliminating the need to enter passwords when accessing online accounts, instead replacing them with face- or fingerprint-based login mechanisms.

These efforts may hint at a more collaborative approach to digital security on Apple’s part. The company has generally been known for keeping a closed, tightly-controlled ecosystem, but was recently roped into a commitment to work with rivals Microsoft and Google on the development of standards for interoperable passwordless login methods in partnership with the FIDO Alliance and the World Wide Web Consortium. Apple framed its Passkeys solution as a part of that effort, and it’s now working to make Private Access Tokens a web standard as well, according to AppleInsider.

None of these features are widely available yet, of course. The Passkeys and CAPTCHA bypass solution were unveiled at WWDC, but won’t be rolled out to most Apple customers until the launch of iOS 16 and macOS Ventura, anticipated for later this year.

Sources: TechCrunch, AppleInsider

Filed Under: Carousel, Industry News Tagged With: Apple, Apple WWDC, Biometric, biometrics, CAPTCHAs, cybersecurity, face biometrics, facial recognition, Fingerprint biometrics, passwordless authentication, strong online authentication, WWDC

Related News & Articles

Jumio Finds Age-Restricted Sites Use Inadequate Verification Technology

TRUSTDOCK KYC Platform Gets iProov Liveness Detection

Mobile Money Remittances Skyrocketed During Pandemic: GSMA

Primary Sidebar

Learn About Mobile ID and Aviation

Tweets

Sponsored Links

facetec logo

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi’s product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Recent Posts

  • NordPass, Yahoo! Japan, and Regula Keep Up Mobile Biometrics Momentum
  • NordPass Enables Biometric, TOTP-secured 2FA for Business Users
  • Mastercard Solution Certified Under UK’s Digital ID Framework
  • Transatlantic Digital Traveler Identity Project Gets High-Profile Tech Partner
  • Digital Identity Tech Demo Online Event

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2023 MobileIDWorld