Google abandoned the virtual image verification code, and Xinxin Technology launched a non-sense solution.
In February 2016, Google announced that it would stop the global image verification code service. This verification code that has troubled us for many years is finally leaving the stage of history. The official announcement can be seen in the following screenshot:
Presumably the history of the development of verification codes is well known. From 2002 to now, after 16 years of development, this "security guard" who was first praised by everyone has now become a frequent complaint. Object. All of this must stem from its increasingly bad user experience. In order to fight against hackers, the picture verification code is designed to be more and more complicated, and it can even be said to be more and more weird...
More and more complicated picture verification code Is it
bad to bully me?
Didn't you bully me? Didn't you learn physics?
Do you know what this means? 
Brother, my face is blind!
Wonderful verification codes are not only severely anti-human in terms of experience, but also cannot be secured at the technical level. With the development of computer technology and the popularization of knowledge, hackers can easily crack complex image verification codes through image cleaning and OCR technology.
Picture verification code cracking software
As an Internet giant, Google foresaw the end of the era of virtual picture verification codes, and therefore issued an announcement formally announcing the complete suspension of picture verification code services. However, many large-scale websites and companies still do not realize this, and still use image verification codes in important network interaction links, such as App Store, 12306, China National Photography Company...
App Store image verification codes
are a headache for image verification codes It not only seriously affects people's online experience, but also has great security risks for the security of Internet interaction. Therefore, in addition to Google, many Internet companies have made different improvements to the verification code.
One. Behavior verification code
The behavior verification code is now the more mainstream verification code. Users no longer need to waste time on boring digital recognition. They only need to click to complete the verification. The whole process only takes 0.4 seconds.
Behind the seemingly simple verification, the technology used is not simple. The behavior verification code uses the most cutting-edge artificial intelligence technology, combined with biological behavior characteristics, can accurately distinguish between humans and machines.
But the road is one foot high, the magic is high, various coding platforms apply anti-AI capabilities, and various behavior verifications are quickly cracked by various technical experts and scalpers.
two. SMS verification code
SMS verification code is a form of verification code by sending a verification code to the mobile phone. The principle is that the website sends a request to the access provider’s server through the interface, and the server sends random numbers or letters to the mobile phone. The access provider’s The server uniformly verifies the verification code.
SMS verification codes are currently widely used, and their security is significantly improved compared with image verification codes. However, the SMS verification code has security loopholes in the SMS interface being called. Once the interface is called, users may face the threat of SMS bombing.
three. SMS verification code + Xinxin technology non-inductive protection
Looking at the development process of verification code, it is not difficult to find that the future verification code will definitely develop in the direction of balance between security and experience. With the development of artificial intelligence technology, the entire verification field will become more intelligent and insensitive while taking into account the dual elements of safety and experience, and the interruption to normal users will gradually disappear.
Xinxin Technology www.newxtc.com , the founding team is from Baidu’s Qunar, Epay , UMF , Gaoyang Jiexun (19pay) and other well-known payment and aviation companies. It took 3 years to control the risk of millions of dollars. Based on the engine, an intelligent model of "anti-message bombing" is trained to completely resolve the contradiction between "security" and "user experience". Product managers only need to focus on user experience and do not need to compromise on security.
1) No feeling: go to class 12306, feel the way of so-called man-machine verification such as gap puzzle, dragging, etc.
It’s as simple as entering the phone number and returning the product to its true colors.
2) Guarantee: The AI model for offensive and defensive confrontation big data training, the front-end interactive verification method, and the back-end defense to ensure the security of SMS.
For example, even if there are 10,000 normal users using the same IP at the same time, the release can be guaranteed, but most of the conventional prevention and control are blocked by mistake.
On the contrary, the attacker controls 10,000 hosts, 10,000 different IPs and mobile phones, and guarantees interception, but conventional prevention and control can do nothing about this.
How to do it, based on the AI-based three-dimensional defense system, the
"message confrontation layer" applies encryption, decryption and obfuscation technology at the outermost layer to fight against ordinary attacks. The
"cellular protection layer" consists of time and space subjects to form a honeycomb to ensure that they are attacked. "Cells" do not affect each other and reduce the affected area.
"Airbags" ensure that old users are not affected, automatically start and stop according to the scale of the attack and perform dynamic control.
3) Efficient: A 10M "SMS firewall" installation package with a value of millions of risk control engines, local deployment and operation, and millisecond response.
Avoid the network delay problem of "cloud mode", causing the sliding bar to not come out.
Key technical description:
"Floating index engine": Load the AI model, hover on the disk to run at ultra-high speed, and generate statistical indicators with the input business data. Provided to the decision engine for further analysis and processing.
"Decision engine": After loading the "SMS bombing prevention" AI model and indicators, and after logical judgment with the input business data stream, the risk result is output, and the response speed reaches a terrifying 1 millisecond.
"Equipment Fingerprint": It is built with international cutting-edge technology to accurately identify the unique number of the device, which has the advantages of accuracy, safety and high speed.
Summary: With the continuous development of Internet technology, we are inseparable from the interaction with the Internet every day. As an important part of Internet interaction, SMS verification code protects the safety of the website and our information. Image verification codes with poor user experience and no security at all will withdraw from the stage of history, and the future will be the era of verification codes with double guarantees of security and experience.