According to 9to5Mac, a new feature has just been discovered in iOS 16 that allows users to bypass the CAPTCHA (non-robot authentication code) step. Reportedly, Apple will implement a feature called Private Access Token, which uses data information about the user’s device and Apple ID to automatically send verification to the website containing the CAPTCHA.
CAPTCHA is an efficient user authentication mechanism deployed almost anywhere in cyberspace. With CAPTCHA, the website requires users to input codes, distinguish images or solve math problems, the results obtained will be to verify who is who is who is robot. CAPTCHA is an effective mechanism to help websites fight against denial of service (DDoS) attacks or against automation from users (clients).
At the WWDC 2022 event, Apple also mentioned this feature in the “Replace CAPTCHA code with Private Access Token mechanism”. According to Apple, this mechanism is basically a method for Apple to minimize the possibility of users leaking data.
To implement the Private Access Token, Apple partnered with Fastly and Cloudflare to provide the Privacy Pass feature. iOS and macOS users, after updating to the official iOS 16, will be able to use the CAPTCHA bypass feature for websites using either of the two services mentioned above.
Currently, the default “Automatice Verification” feature is enabled for beta versions of iOS 16, iPadOS 16, and macOS Ventura. This option can be found under “Privacy and Security”.