Goodbye — and Good Riddance— To CAPTCHA and Hello To Tokenization
Yesterday, I provided some “anti-money laundering” evidence, and which involved me providing a utility bill to a solicitor with proof of my address. With this, you can provide a PDF of a document from a service provider (such as for a utility bill) and which is addressed to you. To me, this has zero trust, as the PDF is not signed by the service provider, and where anyone can modify a PDF to say whatever you want. We thus live in a fake digital world of trust. We have scaled our paper based world to a digital world, and forgot then this scaling just does work. The number of people who think that PDFs cannot be changed is quite worrying. A proper protected PDF with a digital signature is another matter, but most PDFs are unprotected, as easily converted into Word, and then edited, and recreated back as a PDF.
But, things are changing. Just this week, Apple and Cloudflare announced the usage of Private Access Tokens (PATs), and which will allow trusted users to identify themselves without using those horrible CAPTCHA puzzles. This will be based on creating trusted tokens which are signed by a trusted entity, and which can attest that a user, a browser or a device can be trusted.
I must admit I really dislike using CAPTCHA, especially as they often pose images of US-centric things such as “cross-walks”, trucks…
