Google’s new bot prevention reCaptcha may not be as sophisticated as promised.

In a blog post today, security company Shield Square wrote that the Google algorithm may be fairly easy for bots to bypass, echoing similar sentiments from Sakurity consultant Egor Homakov aired earlier this month.

Google launched its new bot-detecting Captcha form called No Captcha reCaptchas on Dec. 3. The technology replaces the Captcha test, which requires you to replicate in plain text a gnarled series of letters and numbers, with a simple check box. The company said the new, simple interface is more secure than the old Captcha because it analyzes user behavior to determine whether they are a person or a bot.

All you have to do is check the box.

Above: All you have to do is check the box.

Image Credit: Google

To reduce the number of times that users have to interface with No Captcha, the algorithm only makes users take the test once. Next time they visit the site, No Captcha won’t appear — unless the user regularly clears their cookies, in which case they’ll have to retake the Captcha every time they do so.

Shield Square asserts that Google’s reliance on cookies creates a problem. For bots to pass the reCaptcha, all they have to do is store the relevant cookies for the website they’re looking to access. Alternatively, bots could use an optical character recognition tool to solve the puzzle in the first place, allowing continued access to the site.

Because Google’s software is intelligent and is supposed to actually learn an individual’s behavior, it has built-in provisions to stop sophisticated bots. If No Captcha can’t identify a user’s past behavior, like if they’re browsing in incognito mode, Google presents the old Captcha test. Google is also playing with tests that would force suspicious users to match similar images or solve jigsaw puzzles. But as Sakurity’s Homakov says in his original post, bots can pass image tests.

“Bots simply need to get the JS code of challenge, show it to another human being (working for cheap or just a visitor on popular websites),” he writes, “and use the answer that human provided.”

What’s more, both Homakov and Shield Square found that No Captcha introduced a new vulnerability. Utilizing clickjacking (wherein an attacker creates transparent layers on top of a website, so that when a user clicks, it reroutes them to another site) bots can get real humans to take the reCaptcha test for them. Homakov says the company patched the clickjacking vulnerability, so it shouldn’t still be an issue, which Google confirms.

As for the remainder of the issues, when I reached out to Google after Homakov’s initial post, the company pointed to No Captcha’s use of machine learning. It says No Captcha will get better at distinguishing between bot behavior and human behavior online over time, so any vulnerabilities that exist now may quickly resolve. But Homakov and Shield’s posts could spin that rebuttal on its head. If bots are advancing just as quickly, Google could be perpetually playing a cat and mouse game with web-trolling bots — a battle persistent threats tend to win.

It’s worth noting that a representative from Shield Square, Nachiappan Vpn, said Google’s No Captcha algorithm is still a lot better than the old Captcha form. But, he went on to say, it may not be the silver bullet bot prevention Google hopes it will be: a tool that’s easy for users and hard on bots. As Google’s algorithm gets more discerning about bot versus human activity, the No Captcha puzzles may get harder. One commenter on Hacker News, who recently encountered Google’s No Captcha form, said the jigsaw puzzle “approached the threshold of not being worth the effort.” For the time being, users may have to sacrifice a fluid experience for better bot detection — a problem No Captcha was supposed to tackle. It may still be a while before we see an easy-to-use bot deterrent.