According to 9to5Mac, a new feature has just been discovered in iOS 16 that allows users to bypass the CAPTCHA (non-robot authentication code) step. Reportedly, Apple will implement a feature called Private Access Token, which uses data information about the user’s device and Apple ID to automatically send verification to the website containing the CAPTCHA.

Auto-authentication found in iOS 16, iPadOS 16

CAPTCHA is an efficient user authentication mechanism deployed almost anywhere in cyberspace. With CAPTCHA, the website requires users to input codes, distinguish images or solve math problems, the results obtained will be to verify who is who is who is robot. CAPTCHA is an effective mechanism to help websites fight against denial of service (DDoS) attacks or against automation from users (clients).

Illustration of CAPTCHA

At the WWDC 2022 event, Apple also mentioned this feature in the “Replace CAPTCHA code with Private Access Token mechanism”. According to Apple, this mechanism is basically a method for Apple to minimize the possibility of users leaking data.


How the Private Access Token mechanism works

To implement the Private Access Token, Apple partnered with Fastly and Cloudflare to provide the Privacy Pass feature. iOS and macOS users, after updating to the official iOS 16, will be able to use the CAPTCHA bypass feature for websites using either of the two services mentioned above.

Currently, the default “Automatice Verification” feature is enabled for beta versions of iOS 16, iPadOS 16, and macOS Ventura. This option can be found under “Privacy and Security”.


Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *