Just a moment...
www.androidauthority.com

  • Google is making it mandatory to have Play Services for its next-generation reCAPTCHA system on Android.

  • Your phone will need to be running Play Services version 25.41.30 or greater when the system asks you to scan a QR code for verification.

  • This hurdle means that de-Googled phones will fail the verification test by default.

  • ExLisper@lemmy.curiana.netEnglish
    6·
    1 hour ago

    At that point, reCAPTCHA will forgo the old image puzzles and require you to scan a QR code with your smartphone to prove you’re human.

    What is that supposed to mean? What QR code? Just any? I’m supposed to find some QR code laying around and scan it? Or will the webpage display a QR and I’m supposed to scan it with my phone using a mirror or something?

    • luciferofastora@feddit.orgEnglish
      1·
      50 minutes ago

      The example image I saw was of a page opened on a laptop, which prompted you to scan with a phone. If you don’t have a (compatible) phone, I’m curious how that would go.

      • ExLisper@lemmy.curiana.netEnglish
        2·
        44 minutes ago

        Oh, I thought they are talking about browsing on their phones.

        That still makes very little sense. What if someone has an iPhone? What if I am browsing on my phone? What if I don’t have my phone near me? This sounds like some optional, extreme case feature. Like when they are pretty much sure you’re a bot but the website optionally gives you last one chance to prove you’re not instead of just rejecting your request.

        • luciferofastora@feddit.orgEnglish
          1·
          32 seconds ago

          What if someone has an iPhone?

          Per https://support.google.com/recaptcha/answer/16609652

          Supported Environments for reCAPTCHA Mobile Verification:

          • Android Devices:

            • Google Play Services version 25.41.30 or greater.
            • To verify Google Play Services version on an Android device, open Settings > Apps > All Apps > Google Play Services

          • iOS/iPadOS devices for QR Code Scan:

            • Version 15.0 or greater.

          • iOS/iPadOS devices for “Click to Verify” Button:

            • Version 16.4 or greater.
            • Version 15.0-16.4 with the reCAPTCHA app installed.

          What if I am browsing on my phone?

          I’m not seeing anything related to that specifically, but I imagine a (supported) mobile browser will be able to interface with Play Services directly and not need a QR code challenge.

          If you use an unsupported browser, I think we can both guess what’s gonna happen. As for what browsers are supported:

          https://support.google.com/recaptcha/answer/6223828?hl=en&ref_topic=6188330&sjid=5375685544242031989-EU

          Browser requirements for reCAPTCHA

          We support the two most recent major versions of the following:

          • desktop (Windows, Linux, Mac) - Chrome - Firefox - Safari - Chromium Edge
          • mobile
            • Chrome
            • Safari
            • Android native browser

          Guess if you’re using Firefox mobile, you’re fucked - plz switch to Chrome, thank you and welcome to our digital prison saferoom!

          What if I don’t have my phone near me?

          You mean you don’t carry our surveillance device with you 23/7 (we’ll give you an hour for sleep)?

          I’m somehow reminded of that mobile Diablo announcement and the surprised response “Don’t you guys have phones?”

          This sounds like some optional, extreme case feature. Like when they are pretty much sure you’re a bot but the website optionally gives you last one chance to prove you’re not instead of just rejecting your request.

          The stated goal is to fight fraudulent agentic AI: “As we identify potentially fraudulent behavior from agents, we enable application providers to deter and mitigate malicious requests by requesting humans to be in the loop using the new QR code-based challenge.”

          https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-fraud-defense-the-next-evolution-of-recaptcha/

          So they’d do this when they suspect the thing interacting with the page is not a human, but expects a human to be involved with the process. How exactly that “potentially fraudulent behavior” would be detected is a different question and I have absolutely zero faith that it will fulfill its mission dutifully and without collateral damage. But then, if you’re compliant with their requirements, that collateral damage is negligible. They made sure that the prison saferoom is really comfy.