I came across an interesting article on ZDNet entitled “Inside India’s CAPTCHA solving economy” which discusses how Indian “data processing” companies are being used to solve CAPTCHAs, presumably to circumnavigate security measures put in place by companies to prevent spammers from registering bogus accounts for the purposes of spamming and other unsavoury activities.

Firstly, for those unfamiliar with what a CAPTCHA is and the purpose of it, here’s a definition from the official CAPTCHA site:

A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. For example, humans can read distorted text as the one shown below, but current computer programs can’t:

By using real people to solve CAPTCHAs – at a very low price – spammers are able to overcome the useful function of the CAPTCHA in an economically viable fashion.

Mobenzi could be used to solve CAPTCHAs as the Mobenzi task would simply need to prompt the agent to review the image (the CAPTCHA) and respond with the actual text (thereby solving the CAPTCHA).

The example of CAPTHA solving opens the broader question: What level of monitoring and/or censorship (if any) should be imposed on those submitting tasks for processing by the Mobenzi platform?

Naturally, when Mobenzi is commercially released we will stipulate terms of use which will outline the sorts of activities which are prohibited. But is this enough? This particular example introduces some interesting issues worthy of consideration. Spamming is obviously prohibited by legislation in most countries and solving a large number of CAPTCHAs using a human labour force is rather likely to be used for this purpose, but is the process of using real people to solve CAPTCHAs automatically illegal?

Following this line of thinking, what other potentially malicious activities could be supported by the Mobenzi service and how should we guard against this? It may be infeasible, and possibly unethical to screen tasks submitted by commercial users.

One possible solution may be to use the CAPTCHA solving ability of the Mobenzi platform to prevent spammers from doing so. A small number of CAPTCHAs from major sites typically attacked by spammers could be processed by us and compared with the images requested to be processed by Mobenzi users. If a statistical match is discovered, the offending user could be sanctioned immediately.

It’s early days yet – but these types of concerns will be important should the Mobenzi service prove successful to ensure that it is used for legitimate purposes only.