Google has announced that it will be bringing its successful Invisible reCAPTCHA technology to its Android devices through a new API that is now available to developers. As more users now access the internet through their phones and mobile applications, a mobile-focused reCAPTCHA service is necessary to keep user data and mobile applications safe. The reCAPTCHA service, a derivation of the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) solution, has clear benefits for both users and app developers. For the users, the main benefit is the capacity of an individual to access certain websites or applications without the worry of being exposed to spam and online abuse. On the part of site owners and app developers, they no longer need to worry about automated programs or “bots” gaining access to their systems. The use of reCAPTCHA API in Android apps could ultimately improve the security and reliability of mobile applications.
The use of the new reCAPTCHA API allows the Turing test to be done behind the scenes without interrupting the user on whatever they are doing. Thus, there is no need for users to tick checkboxes, read distorted words, or type down a street or house number when accessing certain app features. What makes this possible is Google’s newest Invisible reCAPTCHA technology that runs a risk analysis test in the background. In case that the reCAPTCHA service suspects that a bot is accessing the application, the API will serve certain tests that the users must solve in order to prove that they are not bots.
This new API is part of the Google SafetyNet, which provides a set of APIs that focuses primarily on security features like device attestation, detecting bad URLs, determining fake users, and identifying harmful applications. The addition of the reCAPTCHA API bolsters the capacity of the Google Safetynet to secure the app developers’ systems from potential hacking or DDoS attacks through the addition of a user attestation service. These security features provided by Google’s Safetynet APIs have been utilized by several popular applications like Pokemon GO, Netflix, and Android Pay to limit the use or installation of their applications on rooted devices.