The Braille Monitor                                                                                         November, 2003

(back)(next)(contents)

Graphical Verification:
Another Accessibility Challenge

by Curtis Chong

Curtis Chong
Curtis Chong

From the Editor: Curtis Chong is president of the National Federation of the Blind in Computer Science. He now lives and works in Iowa. We increasingly hear frustrated comments from Federationists who have butted their heads against the problem Curtis describes in the following article. It will be important in the months ahead for those who have firsthand experience of the problem to register their objections to the companies keeping them out. Remember that the NFB's technology department is prepared to work with Web site developers to ensure that blind users are not shut out. Here is the article:

A growing number of Web sites have started to implement a new method for protecting their valuable data. It involves the display of a picture of text which the computer user must then copy into an edit box. The theory behind this verification scheme is that a human is smart enough to extract the text from the graphic and enter it into an edit box, while software is not. Web sites do not appreciate having their data extracted by automated systems, which can steal more information in a few seconds than a human can in an entire day. The unfortunate result for the blind is that, since our screen-access programs can't extract information from the picture of text displayed, we are effectively blocked from any service secured in this way.

My first encounter with this approach to protecting a Web site occurred about two years ago when I signed up for PayPal, which is a service for people to send money to each other over the Internet. At that time I was asked to copy a string of text displayed on the screen into the appropriate edit box. I was also informed that, if I couldn't see the text, I should click on an accessibility link. When I chose this accessibility link, I was then presented with a choice to play an audio file which would speak the text I was supposed to copy. Even though the recording of text was extremely poor, I was able to sign up for the PayPal service with the help of my trusty Perkins Brailler.

I confess that at the time, even though I was a bit unhappy with the difficulty of signing up for PayPal, I promptly forgot about the problem and went on to do other things. After all, I was done with the sign-up process that had so inconvenienced me, and I subsequently had no problem getting into PayPal whenever I wanted to use it.

My next encounter with the graphical verification scheme occurred last spring when Tom Wlodkowski, director of accessibility for America Online (AOL), came to me with a problem. He said that AOL was looking for a way to prevent computer programs from acquiring screen names for its Instant Messaging service. The method that the company had decided to use was the very same one that PayPal had implemented years before. He wanted to discuss various ways for the blind to acquire a screen name without being blocked by the graphical verification method. I suggested the approach that PayPal had used, but apparently there was a technical reason why it could not be implemented. Reluctantly both Tom and I finally decided that the only immediate way to solve the problem was to suggest that anyone who could not see the graphic of text to be copied should contact AOL at a toll-free number that would be spoken by the screen reading software but not displayed on the screen. Both of us agreed that, working together, we would need to develop a long-term solution that would be more acceptable to everyone.

Now consider Network Solutions (www.networksolutions.com) and its "WhoIs" service. The WhoIs service allows you to obtain information about Internet domains such as nfb.org, npr.org, microsoft.com, or any other domain registered with Network Solutions. This service is supposed to be available freely to everyone. But today it is not available to the blind. Every time you inquire about a specific domain using the WhoIs service, you are required to enter a string of text that must match text contained in a graphic shown on the screen. This is not a one-time inconvenience. Oh, no--this is a real show stopper for the blind! Perhaps most aggravating of all, unlike AOL, Network Solutions never even considered discussing its implementation with anyone in the blind community.

Now I hear some of you asking, "Who cares about accessing information about domain names?" Good question. The fact is that what Network Solutions is doing is only the beginning of what could turn out to be a very serious problem for us. If security administrators get the notion that this graphical verification scheme actually works (and it does), they are more than likely to implement it for all sign-in procedures, and that means that the blind will not be able to sign in anywhere this approach is used. Forget about putting "alt-text" on all graphics or any other accessibility requirements for the Web. If we can't sign in, it doesn't really matter how accessible a particular site may be. If we can't sign in, we can't access anything.

On August 10, 2003, on behalf of the National Federation of the Blind in Computer Science, I sent a letter to the president and chief executive officer of Network Solutions, one W.G. (Champion) Mitchell. It took more than a month, but early in September I received a phone call from Shelley Rawlings, Network Solutions' director of customer care. Ms. Rawlings and I engaged in some frank telephone and email discussions. The result of our discussion is this.

In the short term Network Solutions will implement what is, to us, an unsatisfactory procedure to allow blind people access to its WhoIs service. A message will appear on its Web site urging customers who are unable to interpret the graphical picture of text to call the Network Solutions toll-free customer service number. In theory a customer service agent will be able to help a blind person to interpret the string of text and thus gain entry to the WhoIs service. I say "in theory" because Ms. Rawlings was not forthcoming with specific information about how the entire process would work. In the longer term I was able to secure from Ms. Rawlings an agreement to have the National Federation of the Blind meet with engineers from Network Solutions to discuss a more acceptable solution to the problem. However, Ms. Rawlings made it quite clear that such a meeting would not happen any time this year.

A cynical person might say that what Network Solutions has done is to buy some time--time which it probably needs to deal with a problem it never anticipated in the first place. Such a person might also maintain that Network Solutions has no real interest in solving the problem and will consequently put us off as long as it can. I would prefer to think that the company is sincerely interested in solving the problem, and to this end I am fully prepared to articulate our position at the earliest possible opportunity.

I will be the first to admit that we, the blind, do not have the kind of technical expertise that is available to companies like Network Solutions. However, we do have a unique knowledge of how blind people use computers. Network Solutions, on the other hand, has the engineering talent to protect its assets and, if it chooses to do so, the wherewithal to implement a solution to the WhoIs access problem that makes everybody happy. Accordingly, I believe it is our responsibility to tell the company how we want a solution to behave, from the blind computer user's point of view, and let the company figure out how to develop it. Assuming that we can get one company to do the right thing, it will be somewhat easier to deal with other companies when, as I fear will ultimately happen, they decide to protect their assets by requiring everyone to copy a string of text from a graphic shown on the screen every time the person wishes to sign in.

Before we can suggest any solutions to the graphical verification problem, it is important for us to understand that graphical verification is not likely to go away anytime soon. The state of technology today is such that this method of protection actually does prevent computer programs from stealing valuable data. Accordingly, we cannot simply demand that a company stop using it. We have to try to meet them halfway.

To begin with, I submit that any solution involving a phone call to a customer service agent is not acceptable under any circumstances. While we might reluctantly agree to this as an interim measure, we should not settle for a permanent solution that requires us to call someone every time we need to have a string of text verified.

Second, I do not object in principle to the procedure implemented by PayPal in which the computer user can play an audio file to hear the string of text that must be entered. What I do object to is the way in which PayPal has implemented this system. The problem with the current implementation is that the quality of the audio is extremely poor, and there is no way to repeat what has been spoken. However, if a company chooses to provide audio information of a better quality and if a repeat function is available, then an audio file which speaks the text string to be copied can serve as an acceptable solution for the blind.

Finally, if a company such as Network Solutions does not want to implement an acceptable audio approach, we could suggest the way the security interface should behave from the blind computer user's point of view and let the engineers figure out how to make it happen. It is conceivable, for example, that we might suggest an entirely new way of verification which proves that the computer user is in fact a human being, while at the same time making it difficult or impossible for automated solutions to hack into the system.

Consider, for example, a string of text that might be displayed in a fully accessible (to the screen-access software) edit box. Instead of copying all of the text, the computer user might be asked to select certain specific characters from the string and enter them into the verification area. The choice of what characters to copy could vary randomly, and the instructions could be written in such a way as to make them impossible (or at least fairly difficult) for intrusion software to comprehend. This is only one of many schemes I could think of, given enough time.

But before we can begin to contemplate the techniques that might be employed to supplant the graphical-verification technology that is growing in popularity, it is critical for the dialogue to begin between companies considering this technology for security and the organized blind. I am happy to report that the dialogue that began last spring between AOL and the NFB continues. We have the beginnings of some positive dialogue with Network Solutions. And I have every hope that as Federationists we will exercise the methods we know well to begin discussions with other companies as we become aware of their use of this technology.

Make no mistake: graphical verification works. It protects Web sites from automated data-grabbing software and, for the time being at least, the blind. While it is mostly an annoyance that some of us have tolerated over the years, if unchecked, it will become the next accessibility barrier for the blind. I am confident that we as active members of the National Federation of the Blind will not let that happen.

(back)(next)(contents)