Apps chrome

iOS 16 will let you bypass CAPTCHAs on some apps and websites

When iOS 16 releases later this fall, you might notice that you won’t have to deal with so many annoying CAPTCHAs asking you to drag a puzzle piece or distinguish between a hill and a mountain. That’s because Apple is introducing a feature for its iPhones and Macs called Automatic Verification, which lets certain sites know you’re not a bot without you having to do anything (via MacRumors).

Apple worked with two major content delivery networks, Fastly and Cloudflare, to develop the system. When it launches with iOS 16 and macOS Ventura, sites that use either service to defend against spam should be able to take advantage of the system and stop showing you so many CAPTCHAs. If you pay attention to how many sites go down when Fastly or Cloudflare start having problems, you’ll know that’s a solid part of the internet that can become a lot less annoying (especially for those who see CAPTCHAs more often than average because they use a VPN or frequently clear their cookies).

A basic diagram of how Apple’s system works.
Image: Apple

While this is far from the first attempt to ditch CAPTCHAs, Apple’s scale means we can really see progress this time around. The underlying system, which Apple calls Private Access Tokens, is vaguely reminiscent of its password replacement system. Here’s a very simplified idea of ​​how it works: Your device looks at a variety of factors to determine if you’re human. When you go to a website that would normally ask you to fill out a CAPTCHA, that site may ask your phone or computer if a human is using it. If your device says yes, you will be let through.

If you want to dive deeper into the details of the technology, you can watch Apple’s WWDC session on it, read Apple Insiderand check out Fastly’s article about it.

As with most new technology on offer, Apple has a history of privacy to uphold. The company says that while your Apple ID is used as proof that you’re a real person, your phone or computer doesn’t send the data (like your email address or phone number) associated with it. The only thing the site gets is what is essentially a nudge from Apple. Likewise, Apple only knows that your device is asking it to confirm whether you’re human; he doesn’t get information about who wants to know.

Luckily for Android and Windows users, Apple isn’t the only one working on this technology. According to Fastly, Google also helped develop it, and the concept of having a relying party attest that you are human is being incorporated into Internet standards. Google started building a similar system in Chrome about two years ago and while it seems to be mostly focusing on third-party issuers instead of doing the verification itself, I can definitely see it building a system similar to of Apple for its users all the way.