Reputation: 1388
Is there a need for CAPTCHA verification on native android apps?
I know CAPTCHA verification is required on web applications so that people don't write scripts to trigger form submissions over and over again.
But is there a need for this on native android apps? I mean I don't think someone will be able to write scripts to trigger android form submissions from a thrid party app, would they? If not, IS using CAPTCHA really recommended?
Note: I am not asking this randomly, I have been asked to build CAPTCHA verification on the client side on my current project. However, I do not see the point in this.
Upvotes: 4
Views: 1015
Answers (1)
Reputation: 3885
There is a point to it. The specific attack scenario that can I envision is someone reverse-engineering the application to find out what underlying protocol is used, and then use that protocol to automate the operation that is supposed to be done manually. If the message also contains an answer to a CAPTCHA, this will be harder.
The question is whether or not such a scenario is likely enough (and severe enough) to cause the extra burden on the user. Keep in mind that having a CAPTCHA is a very effective way to make your users dislike the application.
It's impossible to say whether the tradeoff is worth it. In most cases though, it's not. Especially given that that CAPTCHA's are not actually very effective.
Upvotes: 3
Related Questions
- using captcha in mobile apps
- Is requiring captcha for API a design flaw?
- Captcha in Android Application
- generating captcha
- do I have to add captcha in all forms?
- how do I add captcha from a website to an app
- Implement Captcha in android app code
- How can implement captcha Using android
- Google App Engine Go - using OpenID, should I also use captcha?
- Captcha in mobile application and web application