this post was submitted on 28 May 2026
526 points (99.3% liked)

Privacy

48872 readers
552 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
526
"Scan to Verify You're Human": Google's reCAPTCHA is trialing a new "experimental challenge type" which requires desktop users to use an Android or iOS device to be able to pass it (lemmy.ml)
submitted 5 days ago by cypherpunks@lemmy.ml to c/privacy@lemmy.ml
160 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.ml/post/47972724

i encountered this for the first time today while attempting to read something on archive.today.

i confirmed that decoding the qrcode using a computer and following the URL it contains is insufficient; the error it gave directed me here which is what the linked screenshot is of.

the old type of captcha remains available too, for now:

screenshot of text: Important: Mobile verification for Google Cloud Fraud Defense is an experimental challenge type in Preview. Visual and audio challenges are available as alternatives for users who can't complete mobile verification. To use them, click the Visual or Audio buttons.

you are viewing a single comment's thread
view the rest of the comments
[–] Chulk@lemmy.ml 9 points 5 days ago (1 children)

Who owns the implementation of this? Is this something that websites opt into and add to their own site? Or is this something that Google injects when you're clicking a search result on Google?

[–] cypherpunks@lemmy.ml 19 points 5 days ago

Is this something that websites opt into and add to their own site?

Yes.

reCAPTCHA is google's "anti-abuse" service which many websites use to ~~prevent~~ slightly increase the cost of operating automated crawlers (which somewhat ironically google operates one of the largest of itself, for their search engine).

Before neural networks could solve CAPTCHAs reliably, spammers were solving them with human labor; solving services like anti-captcha.com (intentionally not a clickable link...) today use a mixture of automated and human solvers.

In the future google is apparently building, solving services will need farms of able-to-run-a-recent-android-release mobile devices with some kind of trusted computing hardware, each one of which they'll have to use sparingly enough to keep usage of its unique ID under some plausibly-human threshold.

And even if you do have a phone and are willing to identify yourself with it, if it is too old to run a recent enough Android you also will sometimes be denied services for being unable to pass a robots' "human" test.

🤮