Like iOS 16 bypasses CAPTCHAs on iPhone


iOS 16 lets you say goodbye to most CAPTCHAs! A new option allows iPhone users to prove they are not robots without answering the questionnaire.

A new feature of the iOS 16 update has been spotted by internet users of the Reddit social network. This option allows iPhone users to do this bypass the famous CAPTCHAswhich slow down web browsing.

Recall that CAPTCHAs (“ Fully automated public Turing test to distinguish between computers and humans “) allows a website or application to do so making sure a visitor is a human being rather than a computer bot. The process requires the identification of certain elements on a set of everyday images, such as traffic lights, stairs, cars, bicycles or boats.

Sometimes you have to recognize a set of letters instead. This task is critical for a human, but not for most computer programs. This challenge-response is one of the famous Turing proof that differentiate humans from computers. Nowadays, most of the websites are using it to protect themselves from malware.

iOS 16 shows websites that you are not a robot

To allow iPhones to skip this verification process, Apple uses “a private access token”. The Cupertino giant explained in detail how the option works at WWDC 2022, the annual conference dedicated to developers. On its website, Apple specifies for application developers:

“Private Access Tokens are a powerful alternative that helps you identify HTTP requests from legitimate devices and people without compromising their identity or personal information. We’ll show you how your app and server can leverage this tool to add trust to their your online transactions and preserve your privacy. “.

Concretely, iOS 16 relies on iCloud to check if the certificates stored on your iPhone and the associated Apple ID are in order. If so, the operating system will issue a private access token. With this token, the website server will be informed that “the customer was able to pass an attestation check”. Clearly, Apple acts as a trusted third party between the Internet user and the website.

Unsurprisingly, Apple’s system emphasizes privacy. As Apple points out, “The servers that receive the tokens can only verify their validity, but they cannot discover the identity of the clients or recognize the clients over time”. The whole process is encrypted. No information about your smartphone, account or browsing history filters.

Read also: iOS 16 will allow you to create a 3D floor plan of your interior by scanning it with your iPhone

How to bypass CAPTCHAs on iOS 16

ios 16 how to bypass captchas
© 01Net

If you have installed the beta version of iOS 16 on your iPhone, the Automatic verification is enabled by default. Note that the feature is also integrated into the macOS Ventura and iPadOS 16 update. We explain how to access it on your iPhone:

  • Open the app Settings
  • Press yours Apple ID (top of screen)
  • Enter Password and security
  • Check the box Automatic validation at the bottom of the interface

Popular services such as Quickly and Cloudflare they have already committed to support the workaround option developed by Apple. Both companies will automatically implement private tokens on all of their clients’ websites. Millions of applications and websites will support this new feature. In a blog post, Cloudflare also explains that all visitors “Using an iOS or macOS device will automatically start seeing fewer CAPTCHAs once your operating system is updated”.

Companies are therefore ready for large-scale rollouts of iOS 16, macOS Ventura and iPadOS 16. For the record, Apple will distribute the final version of the updates over the next autumn.

Fastly and Cloudflare reveal it Google has also worked on the Privacy Pass protocolon which Apple’s private tokens are based. “We have worked with our friends at Apple, Cloudflare and Google to develop and standardize the technology behind private access tokens,” he says Quickly.

In fact, we can hope that an iteration of functionality will eventually work his voice on Android or other Google solutions in the years to come. For now, the protocol is already available on Chrome as an extension. Unfortunately, user feedback suggests the extension isn’t there yet.




Leave a Comment