Cloudflare is studying the use of physical security keys as an alternative to end the hassle of Captcha checks. According to the hosting company, the idea is to save users’ time and reduce friction in accessing services, especially those used by companies or governments to register and provide services or information.
The challenges, which usually involve selecting photos from a specified object or typing texts and numbers from scrambled images, exist to prevent such systems from being exploited or attacked by malicious or data extraction robots. However, in order to maintain security, obstacles are also placed for ordinary users, who, in the words of the companies, “need to prove their humanity” before Captcha.
The solution tested by Cloudflare involves the use of physical security keys, such as those already used today in multi-factor authentication systems. Instead of typing words or choosing images, the user would be invited to insert the devices into the computer’s USB or to synchronize with the cell phone via Bluetooth, with the verification taking place in order to confirm the authenticity of the access.
It seems laborious, but, according to analyzes that are part of the tests, it is less than the verification by Captcha. According to a survey by Cloudflare, users spend about 32 seconds solving typing or identification challenges, while using keys solves the problem in approximately five seconds – mainly in a wide-scale adoption universe, where security keys can be used. remain permanently connected to the computers of a company or service, for example.
In addition to representing the future end of Captchas, the experiments are also part of a larger ambition of Cloudflare, which believes in a future without passwords, with the popularization of security keys. The company admits that this is the current major obstacle to adopting verification using physical devices, but with more and more companies adhering to the protocols, the service believes it is only a matter of time before end users, and not just celebrities, politicians, activists and others targeted individuals, also start to use the solutions.
The system, as a whole, is still in the testing phase and also follows other developments in Captcha’s own technology, which is also undergoing studies to become less intrusive. On an official website, called Cloudflare Challenge, users can experiment with using security keys as an alternative to scans.