See also: IRC log
<shadi> scribe: shadi
JW: did some reading and added
some reference sources to the wiki page
... found master's thesis that attracted quite some
citations
... talking about biometric mechanisms for authentication
... also another paper describing alternatives
... including detecting the behaviour of scripts and
programs
... rather than trying to keep them out, try to detect
them
... like timing of key strokes and keyboard focus that could
distinguish behaviour
... but may also raise accessibility considerations in
themsevles
... for example interaction by assistive technologies could
trigger the algorithms
<Zakim> Judy, you wanted to note Scott's updated collection of CAPTCHA alternatives
JB: Scott Hollier sent useful email last night
SH: went through all CAPTCHA
references
... existing CAPTCHAs are not as secure as they thought
... research says ~20% can be cracked by mere brute force
techniques
... alternatives like visual identification could be
problematic
... anectodal evidence that reCAPTCHA is fairly
accessible
... one paper focused specifically on usability
... current approaches mostly focused on desktop concept
... also another approach of gamification seemed
interesting
... separated papers into "alternatives" and "issues with
CAPTCHA"
JB: what is the question we are
trying to answer?
... what are the better alternatives to elevate to APA?
JW: identifying
alternatives
... several areas where APA can update their materials
<janina> scribe: janina
<shadi> SD: head of research and innovation at BarrierBreak
<shadi> ...looking forward to contributing to this group
<shadi> [welcome to the group shwetank]
shadi: Suggest identifying the
available alternatives before raising to APA
... Noting it's also good usability practice, and we should
include usability in the scope of what we recommend to say
<shadi> JS: existing APA document does explain the general usability issues
<shadi> ...different remedies
<shadi> ...most useful would be drafting up sections
<shadi> ...can follow the existing approach and language
<shadi> JB: putting draft work onto RQTF
<shadi> ...trying to avoid this
<shadi> ...don't want to add process issues
<shadi> ...but want to manage scope of work
<shadi> ...would it be sufficient to pass back the outcomes of the literature reviews?
<shadi> JS: unless RQTF has concerns about the current structure
<shadi> ...but drop off the references in the right location
<shadi> ...in the same logical flow to highlight where the updating needs to happen
<shadi> JB: which of the candidate options seem best so far??
<shadi> ...or maybe discuss this on the list
<shadi> JB: linking back to the statistical findings could be useful
<shadi> ...maybe Google may be willing to share their accuracy rate
<shadi> ...could be an important point to highlight
<shadi> ...could also share with the community through WAI IG
<shadi> ...often get questions on CAPTCHA
<shadi> [side discussion on tooling]
<shadi> SH: 20% figure comes from issues with current CAPTCHA
<shadi> JB: so 20% inaccurate?
<shadi> SH: yes
<shwetank> The new captcha's sometimes use a different approach (like having a 3x3 grid of squares) with a different image in each sqaure. And then asking the user to click and highlight all the sqaures according to a certain criteria (like highlight all ones which contain a picture of a building) etc. It might be easy to internationalize it, but challenges should be there for cognitive disabilities
<shadi> JW: needing to move an object as CAPTCHA
<shadi> ...was not accessible for many users
<shadi> ...not clear to me which alternatives are most valuable
<shadi> ...Google approach was cited several times
<shadi> ...asks you to simply check a box
<shadi> ...but tries to detect certain parameters
<shadi> ...with fallback procedure when there is suspicion
<shadi> ...may be good to find documentation on that
<shadi> JS: web authentication pointed out that it is always a balance
<shadi> ...at the end it is a heuristic decision that is made
<shadi> ...like the idea of just checking a box
<shadi> SAZ: what was the primary target audience of the previous document and did it change?
<shadi> ...think back then we assumed website owners provide CAPTCHAs
<shadi> ...but meanwhile many third-party service providers
<shadi> JS: good point, need to check that
<shadi> JW: may also have privacy implications on third-party services
<shadi> JS: good point too
<shadi> JW: so far analyzing use cases and put forward requirements
shadi: Believe we're still at
least a step away from defining requirements
... We need more detail
... Also more examples and more situations
... We want to highlight different aspects
<shadi> JW: maybe action to elaborate these descriptions
<shadi> SAZ: can we get to a point where can be comfortable sharing with the IG?
<shadi> JW: maybe elaborate existing use cases first?
<shadi> JW: didn't discuss web authentication, though touched on it
<shadi> ...but also didn't discuss personalization
<shadi> trackbot, end meeting
This is scribe.perl Revision: 1.148 of Date: 2016/10/11 12:55:14 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/what are the candidates so far/which of the candidate options seem best so far?/ Succeeded: s/defining use cases/defining requirements/ Found Scribe: shadi Inferring ScribeNick: shadi Found Scribe: janina Inferring ScribeNick: janina Scribes: shadi, janina ScribeNicks: shadi, janina Default Present: jasonjgw, shadi, scott_h, Judy, shwetank Present: jasonjgw shadi scott_h Judy shwetank WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Found Date: 15 Feb 2017 Guessing minutes URL: http://www.w3.org/2017/02/15-rqtf-minutes.html People with action items:[End of scribe.perl diagnostic output]