NuCaptcha Improves Integration of CAPTCHA System

A company that makes a security product designed to thwart problems such as comment spam has added new security and customization features for website owners.

NuCaptcha’s self-titled product takes a different approach to the CAPTCHA, which stands for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.”

A CAPTCHA is usually a jumbled sequence of text that a person must enter before they can perform some transaction on a website, such as signing up for a new e-mail account or writing a comment on a blog.

It is designed to stop “bots,” or automated programs that search for forums on blogs, for example, to drop unsolicited advertising messages. The problem is that CAPTCHAS have become more and more scrambled in order to defeat optical character recognition (OCR) programs that have been getting better at solving them.

But the more difficult CAPTCHAS are also hard for humans and impede a user’s experience on a website. One in four people fail to solve a CAPTCHA and give up, said Ron Moravek, NuCaptcha’s chief operating officer.

NuCaptcha takes a different approach, using video with streaming letters rather than a static box of blurry text. The CAPTCHA is easier to solve and is not easily beaten by automated programs.

One of NuCaptcha’s latest improvements has been to make its CAPTCHA easier for website developers to integrate into their sites. On Thursday, the company said it has introduced a smaller version of the CAPTCHA as well as different themes in its free product.

For the company’s “Pro” product, which is designed for websites that serve more than 25,000 CAPTCHAS a month, NuCaptcha’s product can be customized in a “skinless” form in order to let developers have a CAPTCHA that matches the theme of their site and is less visually disruptive, Moravek said.

The company has also improved the behavior analysis system, which studies how a person or a bot is using a website and can adjust itself to defend against attacks, said Christopher Bailey, the company’s chief technology officer.

“The vast majority of transactions are done by humans, and we can see a strong pattern in that,” Baily said.

NuCaptcha can now identify faster when a website is possibly being attacked and generate a score based on the risk. In response, the system can make the text in the CAPTCHA longer, for example, or display the text slower.

The system can also do an IP (Internet protocol) address lookup to see where the CAPTCHA solving attempts originate, which provides an indication if the CAPTCHA attempts are legitimate or automated.

NuCaptcha said its system is being used by 5,000 websites, including the blogging platform WordPress.

Send news tips and comments to jeremy_kirk@idg.com