Snapchat’s latest security feature was cracked, as another hacker managed to bypass its new human verification system. In approximately 30 minutes, developer Steven Hickson was able to find a way to get around the added security measure included in the app’s recent update.
According to Mashable Friday (Jan. 24), Hickson details in a blog post how he was able to break Snapchat’s “find the ghosts” image captcha verification or “Snaptcha”. Hickson was able to identify the human verification system as template matching and created code to solve it, using OpenCV, SURF and FLANN. “This is an incredibly bad way to verify someone is a person because it is such an easy problem for a computer to solve. I spent around ~30 minutes writing up some code in order to make a computer do this ,” Hickson said.
This latest example of a Snapchat security vulnerability follows reports about a group of hackers who created SnapchatDB, a database of 4.6 million Snapchat usernames and partial phones numbers. As TechCrunch reports, Snapchat issued a statement about the breach and the addition of the "Snaptcha" was an attempt to combat hackers. "We appreciate the efforts of those who help identify vulnerabilities in our service and we continue to make significant progress in our efforts to secure Snapchat,” Snapchat told TechCrunch.
It appears that Snapchat will have to beef up security on its app to avoid further exploits, as Hickson points out with his new hack. “ It's a numbers game with computers and Snapchat's verification system is losing. I'm just saying that if it takes someone less than an hour to train a computer to break an example of your human verification system, you are doing something wrong,” Hickson said.