Leading web infrastructure and website security company Cloudflare has published an article claiming that humanity wastes about 500 years per day solving CAPTCHAs—those annoying, predominately picture-based security checks that users have to click on to convince websites that they aren’t bots. The mind-numbing process has driven Cloudflare to propose an alternative to CAPTCHAs called “Cryptographic Attestation of Personhood,” which leverages USB security keys (e.g., YubiKeys) to confirm that the user is human. Users with the appropriate hardware can check out how Cloudflare’s new security check works by visiting cloudflarechallenge.com.
The short version is that your device has an embedded secure module containing a unique secret sealed by your manufacturer. The security module is capable of proving it owns such a secret without revealing it. Cloudflare asks you for proof and checks that your manufacturer is legitimate.
Sources: Cloudflare, The Verge