Snapchat’s new security measure, which is kind of like a captcha, was hacked by developer Steven Hickson in about 30 minutes. The features was added in the app’s latest update and requires users to identify the pictures that include Snapchat’s ghost logo out of a collection of images.
As Hickson explained on his blog, the ghost is “very particular,” allowing a hacker to use template matching via a computer. So, the developer spent about 30 minutes writing code to make a computer do template matching. After the program was ready, he wrote:
“With very little effort, my code was able to ‘find the ghost’ in the above example with 100% accuracy. I’m not saying it is perfect, far from it. I’m just saying that if it takes someone less than an hour to train a computer to break an example of your human verification system, you are doing something wrong.”
The Washington Post tried to get in contact with Snapchat to ask about Hickson’s findings. Company spokeswoman Mary Ritti declined to comment on Hickson’s blog, but stated, “We continue to make significant progress in our efforts to secure Snapchat. For security reasons, we cannot provide detailed information on security countermeasures.”
Snapchat’s security feature was meant to address issues that came to light after the app was hacked in December and the usernames and phone numbers of users were published in a database online. However, if it is so easy to hack, the company may have to think of something different.