CyLab seminar: Tara Whalen

November 15, 2021

12:00 p.m. ET

Panther Hollow (4th Floor in CIC) or Zoom

Headshot of speaker

Source: CyLab

Please note that CyLab seminars are closed to the public and open to CyLab partners and Carnegie Mellon University faculty, students and staff.

Speaker: Tara Whalen, Privacy Research Engineering Lead, Cloudflare

Talk title: Let The Right One In: A Better CAPTCHA Alternative 

CAPTCHAs are necessary to protect websites from bots and malicious crawlers, yet they are increasingly solvable by automated systems. This has led to more challenging tests that may effectively prevent bots but sacrifice usability and discourage the human users they are meant to admit. This talk describes a proposed solution: cryptographic attestation as the foundation of a usable, pro-privacy alternative. This approach leverages the open Web Authentication API, in combination with a variety of secure hardware devices, to allow a person to demonstrate their humanness through an interaction as simple as a touch–instead of repeatedly clicking on buses. Experimental evaluation shows strong usability results, which indicate a path forward for a practical, robust alternative to frustrating CAPTCHA experiences. 

Tara Whalen is privacy research engineering lead at Cloudflare. She previously worked as a privacy engineer at Google and Apple, and as an IT research analyst at the Office of the Privacy Commissioner of Canada. Whalen has over 20 years of experience in the information security and privacy fields, including roles in research labs, academia, federal government institutions, and the private sector. She is currently a non-residential fellow at the Stanford Center for Internet and Society and an adjunct research professor at Carleton University.