It’s not one of the iOS 16 features that Apple touted at the WWDC 2022 conference in June, but it’s an option that will make surfing the net much more enjoyable for many device owners. iPhone. Apple wants to do away with CAPTCHAs found on many sites.
The CAPTCHA is a test that serves to recognize the humanity of an Internet user, with an exercise that robots are not supposed to pass. It can be a distorted word in an image that must be rewritten in an input control or a mosaic of images in which you are asked to identify a specific element (a bicycle, for example) . Sometimes it’s a math calculation.
But that’s not taking into account the rapid progress of computing, with systems that are increasingly efficient in optical character recognition, to identify distorted words, or in the analysis of the content of an image. Admittedly, CAPTCHAs have been strengthened over time, sometimes to the point of being difficult to understand for… humans.
Tokens to automatically validate the connection
This is where the new version of iOS comes into play. Apple relies on a mechanism called Private Access Token, or in French “private access token”. Used by a third-party service, it is supposed to identify connection requests from legitimate devices and people, without compromising their identity or personal data.
The principle of the Private Access Token is to prevent you from typing a CAPTCHA in the future, at least for third parties who agree to use it — we already know that large companies that provide services to many websites, like Cloudflare and Fastly, intend to include these private access tokens across their networks.
Fastly and Cloudflare are two American companies that market solutions for sites, including content caching to facilitate their distribution and availability on the web. These CDN companies (Content Delivery Network or content delivery networks) are critical cogs — when they go off the rails, it feels like the web has fallen.
It’s also about resolving a privacy risk. ” In order to determine if a client is trustworthy and can get a CAPTCHA easier, servers often resort to tracking or fingerprinting clients using their IP address. This type of follow-up goes against the direction taken by [Apple] on internet privacy “Judges the American firm.
Also intended to work with macOS Ventura, the Private Access Token aims to use signals from the device and the Apple ID (Apple ID) – which implies that one must be identified. ” This Apple ID is only used for attestation and is not shared with the servers that receive the tokens “said Apple in the presentation of its tool.
If all the required boxes are checked, then these private access tokens allow servers to automatically trust Internet users who connect, without the need to submit a CAPTCHA to them. Everything will take place behind the scenes for the Internet user and in the blink of an eye. Navigation then becomes much more pleasant, by removing friction that looks like an obstacle.
De facto, there are therefore tens, hundreds of thousands of applications and sites that will be immediately compatible with the Private Access Token, observes MacRumors. Other CDN platforms could follow in the short to medium term. In beta versions of iOS 16 and macOS Ventura, this automatic check is enabled by default.
Making navigation more user-friendly by reducing the effort required from Internet users is an objective that Apple is not the only one to have. In another genre, Google came up with a reCAPTCHA several years ago. This is to greatly simplify the test by simply asking the Internet user to tick a box, while ruling out the bots. But Apple goes even further here.