From now on, to create a new Snapchat account, you will have to go through a security process to ensure you’re not a robot. The process is similar to CAPTCHA, but simpler and much cuter—thus, it’s being dubbed SNAPTCHA.
New users are told to select from nine images the ones that contain the Snapchat ghost. Some photos contain other adorable white objects like butterflies and snowmen. If only every security wall would adopt a similar method—no more deciphering if the blurry letter is a lowercase “l” or uppercase “I”. We can dream.
The motivation for the security update is many-fold. Part of it was thanks to 16-year-old computer prodigy, Graham Smith. The Dallas, Texas high school sophomore has kept Snapchat on its toes with a blog collecting all of the company’s security loopholes.
Snapchat has incurred problems in the past with user privacy, namely a how-to hack posted by Gibson Security detailing how it found 10,000 phone numbers from Snapchat’s server in mere minutes. The other major breach, SnapchatDB (now suspended), posted the usernames and phone numbers of 4.6 million users. These incidents were both great fodder for Smith.
The high schooler’s one-man operation is basically a timeline describing his Snapchat security hacks and interactions with the company. He started out testing the Gibson Security findings, discovering that there was in fact a vulnerability with the Find Friends option and major issues with Snapchat’s API. He reach out to Snapchat and when he didn’t hear back, he took matters into his own hands, finding the phone number of CTO Bobby Murphy, and texting him directly.
"January 7, 2014 (3:39PM PST) – I decided to call Bobby, only to receive his voicemail. I texted him. Hey Bobby. He texted back. Who is this? So I filled him in on the details and was told to send him an email and he’d see what he could do," Smith's blog explained.
Since Smith’s communication with Snapchat began, the company has been open to software experts’ and hackers’ advice to continue enhancing its security. Though maybe not Graham Smith-proof, the Snap-tcha system will definitely curb hackers’ attempts at obtaining usernames and phone numbers.