CATCHAPs/HIPS to test and improve the security

Summary of the technology

A research group from the Computer Engineering Department of the University of Alcalá proposes a security analysis expertise to those individuals and companies that are developing their own CAPTCHA/HIP proposals or want to test the security of their current proposals. The group can also work towards the improvement of the security of current CAPTCHA/HIP proposals whenever that target is attainable.

Moreover, the group has a few CAPTCHA proposals that could be implemented at a grand scale level. These proposals though, need to undergo a security analysis previous to being put into production. It could be possible to share part of the IP with the companies wanting to implement these proposals if they assist the group economically in their initial implementation and security analysis.

The group is seeking for individual clients and companies to achieve collaboration and commercial agreements with technical assistance.

New and innovative aspects

Increase the security against external attacks

Automatic attacks to test the security of the implementation

Main advantages of its use

Having a secured CAPTCHA implementation can help a company to protect its on-line assets from various types of automated abuse. This can prevent the loss of revenue to the company, and also allow it to confidently offer more on-line services knowing that their automated abuse is difficult.

We have some possible ideas for new CAPTCHA/HIP paradigms that can offer better security levels and usability than the actual CAPTCHAS in the market. These proposals need to undergo a security analysis previous to being put into production. We can share part of the IP with the companies wanting to implement these proposals if they assist us economically in their initial implementation and security analysis.

If successful, we can licence the idea and/or offer together this CAPTCHA services to third companies, getting revenue from high-volume users and advertisers.


The group has an extensive knowledge and experience in IT Security, in particular, in the field of the security of CAPTCHA/HIP. It has also performed several successful security analyses of very different CAPTCHAs/HIPs currently in production.

They can assist in:

  • Developing a threat model covering their proposal. This would allow our customers to better understand the security ecosystem in which their proposal is working and better conduct Risk Management strategies.
  • Assessing the security of their current CAPTCHA proposal or implementation. This would allow the customers to understand if their CAPTCHA/HIP proposal or implementation passes a minimum security level without which it should not be put into production.
  • Study of improvements. This service is orientated towards allowing the customers to improve their CAPTCHA/HIP security without affecting much the user interaction. This study might or not reach an improvement, depending on the proposal. After the results of this study, a new security assessment should be run.
  • Improvement of Resilience. This service would allow us to cooperate with our customers towards implementing additional measures to increase their CAPTCHA/HIP security under attack. This would possibly include attack detection and mitigation mechanisms.


This possible technical assistance can cover:

  • Security Analysis of the initial design. Strengthen any found vulnerability.
  • Assistance during design and implementation.
  • Assistance during usability tests.
  • Vulnerability analysis of the implementation.

Intellectual property status

The group has the secret know how of the technology

Current development status

Development Phase

Desired business relationship

The group seeks to achieve collaboration or commercial agreements with technical assistance with companies providing IT Security services, in particular anti-abuse protection, to third parties.

Related Keywords

  • Artificial Intelligence (AI)
  • Computer Software Technology
  • Data Protection, Storage Technology, Cryptography, Data Security
  • Electronic Commerce, Electronic Payment
  • Internet Technologies/Communication (Wireless, Wi-Fi, Bluetooth)
  • IT and Telematics Applications
  • Commercial Communications
  • Systems software
  • Program development tools/languages
  • Other system software
  • Applications software
  • Artificial intelligence related software
  • Software services
  • Programming services/systems engineering
  • IT Consulting services
  • Other software related
  • attack
  • catchap/hip
  • it security
  • resilience

About Universidad de Alcalá-OTRI

The Technology Transfer Office at Alcalá University serves as a liaison between the University and its socioeconomic environment in terms of research and innovation. It encorages collaboration between research groups from universities and companies/institutions, with the objective to promote and commercialize research results and scientific capabilities.

Some of the services offered by this office are specified in the following list:

- Promotion of R & D and improvement of the relationships with companies.
- Promote the participation in R & D projects applicants to public calls (regional, national and European).
- Advising, processing and monitoring of patents and other forms of industrial protection.
- Support in the negotiation of contracts and agreements for R&D&i

Universidad de Alcalá-OTRI

Never miss an update from Universidad de Alcalá-OTRI

Create your free account to connect with Universidad de Alcalá-OTRI and thousands of other innovative organizations and professionals worldwide

Universidad de Alcalá-OTRI

Send a request for information
to Universidad de Alcalá-OTRI

About Technology Offers

Technology Offers on Innoget are directly posted
and managed by its members as well as evaluation of requests for information. Innoget is the trusted open innovation and science network aimed at directly connect industry needs with professionals online.


Need help requesting additional information or have questions regarding this Technology Offer?
Contact Innoget support