Secure captcha test
First Claim
1. A system comprising a processor;
- and a memory to store data used by the processor, wherein the processor is operative to;
run a web browser application that is operative when run to;
retrieve and present a web page of a website in a browser window; and
in response to the website requesting performance of a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) challenge process, request a CAPTCHA challenge application to perform the CAPTCHA challenge process; and
run the CAPTCHA challenge application separately from the web browser application so that the CAPTCHA challenge application can implement defenses that are stronger than the defenses allowed by the web browser application, the defenses including at least one of an anti-grabbing defense or an anti-debugging defense, wherein the CAPTCHA challenge application is operative when run to;
obtain the CAPTCHA challenge test from an authentication server in response to the request to perform the CAPTCHA challenge process;
render a CAPTCHA window including the CAPTCHA challenge test separately from the browser window, but over the web page included in the browser window;
protect the CAPTCHA challenge application with the defenses and/or a secure enclave which is not accessible to an operating system on which the web browser application runs and other applications;
move the CAPTCHA window to track a size and/or a position of the browser window so that the CAPTCHA window appears to be integrated into the web page as the browser window is resized and/or repositioned;
send, to the authentication server, a value based on a user response to the CAPTCHA challenge test; and
obtain a response from the authentication server authenticating the user response.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a system including a processor to run a web browser application and a CAPTCHA challenge application, wherein the web browser application is operative when run to retrieve and present a web page of a website, obtain a request from the website requesting performance of a CAPTCHA challenge process, and request the CAPTCHA challenge application to perform the CAPTCHA challenge process, the CAPTCHA challenge application is operative when run to request a CAPTCHA challenge test from an authentication server, obtain the CAPTCHA challenge test, render a CAPTCHA window including the CAPTCHA challenge test, obtain a user response to the CAPTCHA challenge test, send a value based on the user response to the authentication server, and obtain a response from the authentication server authenticating the user response, and the CAPTCHA challenge application and the web browser application are run as different processes by the processor.
-
Citations
20 Claims
-
1. A system comprising a processor;
- and a memory to store data used by the processor, wherein the processor is operative to;
run a web browser application that is operative when run to; retrieve and present a web page of a website in a browser window; and in response to the website requesting performance of a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) challenge process, request a CAPTCHA challenge application to perform the CAPTCHA challenge process; and run the CAPTCHA challenge application separately from the web browser application so that the CAPTCHA challenge application can implement defenses that are stronger than the defenses allowed by the web browser application, the defenses including at least one of an anti-grabbing defense or an anti-debugging defense, wherein the CAPTCHA challenge application is operative when run to; obtain the CAPTCHA challenge test from an authentication server in response to the request to perform the CAPTCHA challenge process; render a CAPTCHA window including the CAPTCHA challenge test separately from the browser window, but over the web page included in the browser window; protect the CAPTCHA challenge application with the defenses and/or a secure enclave which is not accessible to an operating system on which the web browser application runs and other applications; move the CAPTCHA window to track a size and/or a position of the browser window so that the CAPTCHA window appears to be integrated into the web page as the browser window is resized and/or repositioned; send, to the authentication server, a value based on a user response to the CAPTCHA challenge test; and obtain a response from the authentication server authenticating the user response. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- and a memory to store data used by the processor, wherein the processor is operative to;
-
9. A method comprising:
-
in response to a request from a web browser application to perform a Completely Automated Public Turning test to tell Computers and Human Apart (CAPTCHA) challenge process, obtaining a CAPTCHA challenge test from an authentication server; rendering a CAPTCHA window including the CAPTCHA challenge test separately from a browser window in which the web browser application is presenting a web page of a website, so that defenses which are stronger than defenses allowed by the web browser application can be implemented on the CAPTCHA window, the defenses including at least one of an anti-grabbing defense or an anti-debugging defense; protecting the CAPTCHA challenge application with the defenses and/or a secure enclave which is not accessible to the operating system on which the web browser application runs and other applications; moving the CAPTCHA window to track a size and/or a position of the browser window so that the CAPTCHA window is rendered over the web page included in the browser window and appears to be integrated into the web page as the browser window is resized and/or repositioned; sending, to the authentication server, a value based on a user response to the CAPTCHA challenge test; and obtaining a response from the authentication server authenticating the user response. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A software product, comprising a non-transient computer-readable medium in which program instructions are stored, which instructions, when read by a processor, cause the processor to:
-
in response to a request from a web browser application to perform a Completely Automated Public Turning test to tell Computers and Human Apart (CAPTCHA) challenge process, obtain a CAPTCHA challenge test from an authentication server; render a CAPTCHA window including the CAPTCHA challenge test separately from a browser window in which the web browser application is presenting a web page of a website, so that defenses which are stronger than defenses allowed by the web browser application can be implemented on the CAPTCHA window, the defenses including at least one of an anti-grabbing defense or an anti-debugging defense; protect the CAPTCHA challenge application with the defenses and/or a secure enclave which is not accessible to an operating system on which the web browser application runs and other applications; move the CAPTCHA window to track a size and/or a position of the browser window so that the CAPTCHA window is rendered over the web page included in the browser window and appears to be integrated into the web page as the browser window is resized and/or repositioned; send, to the authentication server, a value based on a user response to the CAPTCHA challenge test; obtain a response from the authentication server authenticating the user response. - View Dependent Claims (17, 18, 19, 20)
-
Specification