Snapchat instituted a new visual verification system to stop the automated collection of usernames and spam. Computer programmer Steven Hickson says it took less than an hour to hack the security measure and write code capable of automatically entering the verification.
A growing number of users have complained about the amount of Snapchat spam, which has been on the uptick recently. Snapchat says that it is the byproduct of the service’s increasing popularity.
In response to a major exploit that saw the collection and release of 4.6 million usernames, along with their corresponding phone numbers, Snapchat instituted a visual verification service to help curb the automatic collection of phone numbers.
According to Hickson, who detailed his hack in a blog post, Snapchat’s response was “an incredibly bad way to verify someone is a person because it is such an easy problem for a computer to solve.”
“With very little effort, my code was able to ‘find the ghost’ in the above example with 100% accuracy. I'm not saying it is perfect, far from it,” Hickson writes. “I'm just saying that if it takes someone less than an hour to train a computer to break an example of your human verification system, you are doing something wrong.”
Hickson says that there are several different ways for a computer to determine where the ghost was in the verification picture. The programmer says that it is simply a numbers game, and “Snapchat's verification system is losing.”
The Los Angeles, Calif.-based social network did not immediately return a request for comment. Snapchat recommends that users adjust their privacy settings so that “Only My Friends” can send snaps, to avoid spam.
Follow Thomas Halleck on Twitter @tommylikey