Snapchat Person Verification Defeated in <100 Lines of Code

out

[Steven Hickson] woke up this morning to an article about the new person verification system Snapchat has implemented. Thirty minutes later he cracked it to be solved by a computer, in less than 100 lines of code (GitHub).

First a little background. About a month ago, 4.6 million Snapchat users had their information compromised by a security hole. In an attempt to bump up security, Snapchat has implemented a new person verification method to ensure new accounts aren’t created by computers.

The method? Picking out a white ghost from a series of nine images. Kind of like a cute, less annoying Captcha. The problem? It’s a terrible way to prove you are a person. It took [Steven] only 30 minutes to write a program that uses simple thresholding, SURF keypoints and FLANN matching to find the ghost. In his tests, he’s found the ghost with 100% accuracy. He also muses that there is an even more efficient way to do it, he was just too lazy to do it.

Nice try Snapchat.