Irony alert- Embarrassing security blunder by the American Government

By Sarah Lennard-Brown

The use of CAPTCHA on a US government petition site has resulted in people with visual disabilities, the core audience for the petition, being effectively barred from contributing. How do you manage anti-spam security in a way that enables everyone to contribute? We have the solution.

Seems the American Government have egg on their faces again. It appears that an e-petition on the White House website calling for printed material to be made more accessible for people with visual difficulties has a fundamental accessibility flaw that prevents the people it purports to support from accessing it or contributing to the debate. The problem is that the White House system uses a piece of security called CAPTCHA (stands for: Completely Automated Public Turing test to tell Computers and Humans Apart), and people who use visual aids to access websites either struggle to use them or experience insurmountable barriers.

You have probably come across a CAPTCHA system at some point, they are two words or series of characters that are presented in a disguised form, at various angles or with lines across them, that you have to recognise and type in to prove you are human and not a computer. This form of security presents an obvious barrier if you have visual difficulties. I don't know about you but I don't have visual difficulties other than the usual ones associated with approaching (faster than I would like to admit) middle age but I suffered the indignity last week of having to ask my son to read out the Re CAPTCHA (another version of CAPTCHA security) security letters for me as I couldn't work out what it said. If I am having problems with what my optician calls "excellent eyesight for your age" then a large proportion of people must find these systems an insurmountable barrier. Not to mention all the people with dyslexia type issues or physical difficulties who can also have problems using the system.

To be fair the developers of CAPTCHA and similar systems worked out that they were too difficult to use for people with visual problems and many of these systems come with a computer generated audio version of the text. However these are often a chocolate teapot of a solution with fuzzy sound and indistinct letters or characters which present an equal barrier to the visual system.

A typical ReCAPTCHA challenge:

A typical ReCAPTCHA challenge

A ReCAPTCHA as someone with poor eyesight might see it:

A ReCAPTCHA as someone with poor eyesight might see it

According to the BBC the US Government claims that their website meets its accessibility standards, but unfortunately it fails normal common sense standards, which just goes to show that you should not rely exclusively on accessibility standards when evaluating website content, especially any content that seeks to encourage response or engagement. Is it really so hard to put a security measure in place that does not exclude the very population you are trying to reach? A quick trawl of the internet brings up many options, all versions of the Turing test (distinguishing between people and computers). Methods such as question and answer systems where users are presented with a random question can work well or there are other systems that use "honeypots" to trap spam engines while letting legitimate users through. If you have any questions about how you can make your anti-spam systems more accessible then please email us and we will find a solution for you that ensures there are no embarrassing barriers on your website.

Sarah Lennard-Brown, Director of Ecru Sarah Lennard-Brown, Director of Ecru

This article was written by Sarah Lennard-Brown, Director of Ecru. If you have any questions regarding this article or would like to discuss your next web site project with Sarah please call her on 01702 479 677 or get in touch via our contact form.

Is your website accessible to disabled people? Email us or call us on 01702 479 677 to discuss how we can help you.