The end of CAPTCHAs? Mozilla has a new plan for stopping bots while keeping it private

With AI threatening the future of CAPTCHAs, Mozilla has proposed a new anti-bot system that privacy enthusiasts may love.
Mozilla has unveiled a new proposal aimed at solving one of the internet's growing dilemmas: how websites can fight bots without forcing users to sacrifice privacy.
In a blog post published this week, Mozilla outlined a framework called PACT (Private Access Control Tokens), a system designed to help websites distinguish between legitimate users and large-scale automated abuse while protecting user privacy.
According to Mozilla, websites are facing mounting pressure from automated abuse, including credential stuffing, spam campaigns, and distributed denial-of-service attacks.
At the same time, browser privacy protections are making it harder for websites to rely on passive tracking signals to distinguish humans from bots.
The situation has worsened with advances in generative AI, which can now solve many CAPTCHA challenges faster and more reliably than human users.
As a result, websites increasingly require visitors to provide identifying information such as email addresses, phone numbers, or a login before granting access.
Mozilla warns that this trend creates a tradeoff between privacy and usability.
"The more effectively they [users] protect their privacy, the harder it is for websites to distinguish them from bots and the worse the treatment they receive," the company said, describing a web ecosystem where users of VPNs and anti-tracking tools are increasingly treated with suspicion.
"Website operators are also suffering. The additional friction they inflict upon well-behaved visitors harms their site, but many are willing to pay the costs if it mitigates volumetric abuse," Mozilla added.
If successful, Mozilla says, PACT could provide websites with the rate-limiting signals they need while preserving user privacy and maintaining an open internet.
How PACT can change CAPTCHAs
How can websites tell whether a visitor is likely a real person without forcing everyone to prove ownership of a specific device or reveal their identity? Mozilla seems to have the answer.
Instead of trusting your device manufacturer, such as Apple, Google, or Microsoft, Mozilla wants websites to rely on signals that you're a legitimate user elsewhere on the internet.
Mozilla proposes using your reputation, rather than your hardware, to verify that you are human. Instead of proving "I own an approved iPhone," you would prove: "Another trusted service knows I'm a legitimate user."
Imagine you already have a paid VPN subscription, an email or other long-standing accounts, or a phone number.
These things are valuable because attackers cannot create millions of them instantly. Mozilla calls them scarcity signals. The services that hold them act as anchors and issue cryptographic endorsements to your browser.
The website you visit uses a moderator. The moderator decides which anchors it trusts, how much traffic a user should be allowed to generate, and whether someone looks abusive or legitimate.
The website asks, "Do you have proof from any trusted anchor?" Your browser presents an endorsement without revealing which anchor vouched for you.
The moderator exchanges that endorsement for a reusable credential. If you behave normally online, your credentials gain trust. If you act like a bot, for example by scraping aggressively or sending thousands of requests, your credentials lose trust. The site can then restrict your access without ever knowing who you are.
Mozilla also believes the framework could accommodate AI agents operating on behalf of users. Under the proposed model, AI agents could carry the same credentials as their human operators, making users accountable for their agents' behavior.
Mozilla believes this approach could allow websites to distinguish between legitimate user-controlled agents and large-scale abusive automation without resorting to blanket blocks.
Alternatively, AI service providers could act as anchors themselves and vouch for the legitimacy of their automated systems.
Mozilla emphasized that PACT remains an early-stage concept and that significant technical and security analysis is still required before deployment.
The company plans to bring draft specifications to standards bodies, including the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), for further discussion.