Using a Memory Test to Limit a User to One Account

In many Web-based applications, there are incentives for a user to sign up for more than one account, under false names. By doing so, the user can send spam e-mail from an account (which will eventually cause the account to be shut down); distort online ratings by rating multiple times (in particular, she can inflate her own reputation ratings); indefinitely continue using a product with a free trial period; place shill bids on items that she is selling on an auction site; engage in false-name bidding in combinatorial auctions; etc. All of these behaviors are highly undesirable from the perspective of system performance. While CAPTCHAs can prevent a bot from automatically signing up for many accounts, they do not prevent a human from signing up for multiple accounts. It may appear that the only way to prevent the latter is to require the user to provide information that identifies her in the real world (such as a credit card or telephone number), but users are reluctant to give out such information.

[1]  Björn Stenger,et al.  Shape context and chamfer matching in cluttered scenes , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[2]  Roger B. Myerson,et al.  Game theory - Analysis of Conflict , 1991 .

[3]  G. Moy,et al.  Distortion estimation techniques in solving visual CAPTCHAs , 2004, CVPR 2004.

[4]  John Langford,et al.  CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.

[5]  Yoav Shoham,et al.  Combinatorial Auctions , 2005, Encyclopedia of Wireless Networks.

[6]  Makoto Yokoo,et al.  Robust Combinatorial Auction Protocol against False-Name Bids , 2000, AAAI/IAAI.

[7]  Jitendra Malik,et al.  Recognizing objects in adversarial clutter: breaking a visual CAPTCHA , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[8]  Makoto Yokoo,et al.  False-name-proof combinatorial auction protocol: Groves Mechanism with SubModular Approximation , 2006, AAMAS '06.

[9]  John Langford,et al.  Telling humans and computers apart automatically , 2004, CACM.

[10]  Manuel Blum,et al.  Telling Humans and Computers Apart Automatically or How Lazy Cryptographers do AI , 2002 .

[11]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[12]  Makoto Yokoo,et al.  The effect of false-name bids in combinatorial auctions: new fraud in internet auctions , 2004, Games Econ. Behav..