Apple users will be able to bypass CAPTCHA verification


A new iOS 16 feature called “Private Access Tokens” with the help device information and Apple ID will inform the website that you are a legitimate user and not a robot. This will bypass the CAPTCHA check. The option was described in detail by Apple at the WWDC 2022 session called «Replace CAPTCHAs with Private Access Tokens».

The technology sends tokens to the server using a new HTTP authentication method
under the name «PrivateToken». These tokens are then used as part of the cryptographic process to confirm user authentication.

“The server that received the tokens can only verify their validity. However, the server cannot recognize the identity of the client”,” Apple explained. The function takes into account the certificates on the device and checks the status of the Apple ID profile.

New feature «Automatic Verification» enabled by default in the first beta versions of iOS 16, iPadOS 16 and macOS Ventura. To enable Automatic Verification you need to go to the Apple ID settings, select “Privacy and Security”and then find the switch “Automatic verification”.