hCaptcha answers questions about deploying a simple yet straightforward approach for identifying Large Language Models (LLMs) and other forms of automation. These questions delve into how LLMs can impact services like hCaptcha and addresses the worry that growth and advancement in Artificial Intelligence will lead to more challenging human verifications.
How do LLMs affect services like hCaptcha?
It is important to understand that Artificial Intelligence and Machine Learning is not a new discussion. hCaptcha has developed systems to detect automation of all kinds for years using many different approaches.
However, the services we provide are both urgent and more challenging as Artificial Intelligence and Machine Learning techniques get better. Legacy vendors that have failed to maintain the level of R&D required will struggle to keep up. This is why we have always focused on research and continuously evolved in our strategies and methods to stay ahead.
How does hCaptcha detect LLMs and other automation?
Although we often publish our research at academic conferences on Machine Learning, we generally do not share specific details or strategies of our security measures publicly to protect our users.
We are making an exception to this practice below to help dispel some of the confusion around the true capabilities of LLMs. We have no difficulty detecting them today and do not expect this to change any time soon. As Artificial Intelligence and Machine Learning gets better, adversaries can adapt faster but by the same token so do we. This is an on-going arms race, but not a new one.
Will humanity verification questions get harder as AI gets smarter?
Not necessarily. To understand why, we need a key insight. AI and ML systems make different kinds of mistakes than people do. Individual failings in Artificial Intelligence and Machine Learning systems can be fixed, but exactly emulating human cognition is not on the near-term horizon even when AI systems start to approach or exceed human problem-solving capacity in other ways.
This is a fundamental limitation of artificial neural networks. They are useful tools but do not reproduce human cognition particularly well. Understanding these differences gives us many ways to detect LLMs and other models via challenges.
hCaptcha is already able to use techniques like these to reliably detect LLMs and to identify which LLM is being used to produce the answer, especially because each LLM consistently makes identifiable errors in a row.
As you may have guessed, this is hardly our only detection method; we chose it to write up as one of the simpler approaches to explain. We expect that this example will soon be patched due to the publication of our results but the underlying difference that allows detection is fundamental to these systems.
Need to detect advanced automation yourself?
Check out hCaptcha Enterprise to find and stop online fraud and abuse, whether automated or human.
PS: If you’re interested in these kinds of problems and the web-scale distributed systems behind them, we are hiring.
Click below to share this article