驗證碼是一種用來防範網路資源濫用的技術。行動裝置則是從事網路活動的主要裝置之一,但目前行動網頁認證系統多數仍沿用桌上型電腦的閱讀式驗證碼進行認證程序。然而受限於螢幕尺吋與操作空間等因素,易造成行動裝置用戶的驗證困難。針對上述問題,本研究提出以觸控手勢為設計概念的驗證技術,稱之為Gesture CAPTCHA。Gesture CAPTCHA以手勢指令圖取代文字驗證圖示,透過手指點擊觸控螢幕進行方位移動、旋轉、縮放等手勢指令作為驗證手段,能充分發揮觸控螢幕的特性,提供較為直覺的操作環境,並藉由滑動手勢認證改善傳統行動裝置網頁驗證過於費時的詬病,也能避免光學文字辨識技術的破解,進而改善行動裝置網頁驗證的使用性與安全性。
CAPTCHAs are widely used techniques to prevent malicious programs misuse network resources. Most of the website CAPTCHA systems are text-based, but the security of text-based CAPTCHAs encountered a hard challenge from the improvements in OCR technology. Furthermore on mobile device, the limits on screen size and operating space lead to user's difficult to verify. Therefore, text-based CAPTCHA might not be practical on mobile devices. In this thesis, we proposed a Touch-based CAPTCHA system named “Gesture CAPTCHA”. This system uses gesture instruction to replace traditional text-based CAPTCHA, and utilizes the multi-touch screen features of mobile devices to complete verification process. Through different gestures instructions, users could complete testing and verification process in an intuitive operating environment. Our preliminary tests showed that Gesture CAPTCHA is practical in the aspects of security and usability. Our system can also reduce the time of the verification process. It improves usability and security of text-based CAPTCHA in mobile devices.