MSR Asirra – Alternate approach to CAPTCHA

We all have seen usage of CAPTCHA(Completely Automated Public Turing test to tell Computers and Humans Apart) or HIP (Human Interactive Proof) in several website preventing spams for comments or email, protecting web services from bot attacks where programs\bots tries to imitate humans and fool the server systems. CAPTCHA is very well known way of using Alphanumeric character images in a distorted way and random orientation like below:

You can take a look at my previous post on CAPTCHA at

There are some issue which people are finding these days that the distortion is sometime such that its not human friendly but computers are able to read that.

There is an alternate HIP solution developing at MSR which is still in BETA phase and has been prototype by other universities too with the usage of images instead of text where a human can do the identification of images.

Here is how Asirra looks like on a page:


Visit for complete details on Asirra and usage instructions.

To brief about Assira, this is a two way verification where javascript code gets the challenge and if user solves that correctly, gets a ticket from MSR’s server (also a success message\alert could be shown to user). This message is then passed along with form data as hidden field which is expected to be used by code behind and call a MSR Web Service to validate the Ticket. Repeated trials with the same ticket makes it fail.

In all this seems to be a encouraging way and should improve even more with the quality of images which come. Also there might be orientation changes for images for increased difficulty levels when it would come to machines. Also change in image size (random sized images in challenge) could be one of the improvements which we may find in the final versions.

Here is how the code looks like:


<%@ Page Language="C#"
         Inherits="asirra" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">

<html xmlns="">
<head runat="server">
<script type="text/javascript">
    var passThroughFormSubmit = false;
    function MySubmitForm() {
        if (passThroughFormSubmit) {
            return true;
        // Do site-specific form validation here, then...
        return false;
    function HumanCheckComplete(isHuman) {
        if (!isHuman) {
            alert("Please correctly identify the cats.");
        else {
            passThroughFormSubmit = true;
            formElt = document.getElementById("mainForm");
    <form runat="server"
          onsubmit="return MySubmitForm();"> 
    <div style="margin:200px 0 0 20px;">
      <script type="text/javascript"
       <script type="text/javascript">
        // You can control where the big version of the photos appear by
        // changing this to top, bottom, left, or right
        // You can control the aspect ratio of the box by changing this constant
        <br />
        User Name: <input type="text"
                          name="UserName" />
        Favorite Color: <input type="text"
                               name="FavoriteColor" />      
        <input type="submit"
               value="Submit" />

C# Code Behind

using System;
using System.Net;

public partial class asirra : System.Web.UI.Page
    protected void Page_Load(object sender, EventArgs e)
        if (IsPostBack)
            string asr_tkr = Request.QueryString["Asirra_Ticket"];
            if (string.IsNullOrEmpty(asr_tkr))
                Response.Write("Asirra Ticket Value is not present");
                string queryString = "action=ValidateTicket&ticket=" + asr_tkr;

                WebClient wc = new WebClient();
                string resp = wc.DownloadString("" + queryString);
                if (resp.IndexOf("Pass", StringComparison.InvariantCultureIgnoreCase) > -1)
                    Response.Write("Got Asirra Ticket Verified");
                    Response.Write("Asirra Ticket Not Verified");

Take a look at it and try. You may like it too like me!!

bye for now.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Who am I what am I doing?

Who am I what am I doing?

%d bloggers like this: