Hacker News new | past | comments | ask | show | jobs | submit login

I had a strange idea about solving this problem: How about a micro-payment, something like $0.01, instead of solving a puzzle? In that case maybe you won't care if many bots login to your website.

I think that I by this time I have the technology to make something like this work, I was wondering if this is a good solution though. What do you think?

Having to make a payment to join a website is maximum friction and makes your website seem dodgy. It seems more likely they are trying to steal cc details by asking for such a small payment.

> How about a micro-payment, something like $0.01, instead of solving a puzzle?

This approach may turn legitimate people away, namely:

1. People from regions where it is uncommon to have means to interface with payment processors.

2. Minors who, for one reason or another, are not able to obtain a debit card/credit card. Similarly, PayPal refuses minors.

You could use JavaScript cryptocurrency mining instead. User clicks a button to activate miner script, it runs in their browser for 10-30 seconds or whatever, then reports back to your server that they are good to go.

You’ll lose people who are blocking this kind of shit. Also you might end up on a Firefox blacklist.

Don't know how the blacklist works. As someone who blocks javascript by default, if I were asked to enable this to submit a login, I would probably be okay doing so if I could be confident a script was only mining and not fingerprinting me. (Big if)

There are torrent sites that do this already (not as spam prevention, just to generate money). It's pretty annoying but I guess for spam prevention you could make the length of time shorter.

I'm against automatically mining on people's computers, but I think it's interesting as an opt-in: click this button to run the miner for a fixed amount of time in return for {posting a comment, attempting a login, etc}.

Since I'm also generally against javascript, ideally the code would open-source and it could be verified that it doesn't do anything malicious...

It also seems like a nice idea to me ¹. It could also be a potential solution to ads and such. Pay a few cent and get a cookie allowing you ad-free browsing on a given website. You could also imagine a half centralized system where “website collectives” get together and the fee you pay allows you access to any of the website in the collective…

Couldn't gnu taler allow this kind of stuff?

¹ https://news.ycombinator.com/item?id=13829545

Payment processing is nontrivial to set up, and doesn't make sense in a lot of contexts.

What if we had a mechanism that makes this kind of setup very trivial, and also risk free for the visitor? Then would you consider this kind of solution? EDIT: Same question for tty2300 (:

We already do with cryptocurrency. Many people are incredibly hostile to using their credit card anywhere that isn't a physical location.

My parents don't even trust Amazon. They use Visa prepaid cards that they fill up at CVS whenever they have to.

Arguably they're doing the right thing and we're all doing the wrong thing. Either way, micropayments are one of those "ideal world" scenarios that are unlikely to transpire anytime soon.

What would prevent the bots from using the same system?

The minor cost may be offset by the fact that getting a post through to a site that has almost no spam because of its filter is valuable in itself. If the bot is sophisticated enough that the stuff it posts is hard to distinguish from a human shill or shitposter it may even prefer sites protected with such a system.

Useful for the vintage VIAGRA HERE link dumpers perhaps though, but those can be filtered out with a content filter.

Google will never allow this to happen (as they benefit from the web using ads for monetization).

You have no idea how often I've shouted at my monitor that I would rather pay the site hoster a one-time fee than use google captcha ever again, and I really wish more sites offered this.

Say what you want about the site, but 4chans pass method of payment, which just removes all the captcha's when posting and lowers the post timer, was a fantastic idea, and just works.

I think that there is a real opportunity here. I just went over all the comments about this idea. It seems like most of the objections relate to issues with the payment medium itself, and not with the actual idea of paying instead of solving a puzzle.

Some examples:

> It seems more likely they are trying to steal cc details by asking for such a small payment.

This relates to being afraid using a credit card online against a non credible seller.

> Payment processing is nontrivial to set up

This one is about the technical difficulty (And possibly also regulation) for setting up payment processing

> regions where it is uncommon to have means to interface with payment processors.

This one is about inaccessibility to payment means, which also relates to a problem with the payment medium.

> You could use JavaScript cryptocurrency mining instead

I assume that bo1024 suggested this because he implicitly believes that setting up a payment processor will be more difficult, and give bad experience to the user.

The only objection I have seen which is more specific to actually recognizing humans is this one (by Freak_NL)

> What would prevent the bots from using the same system?

First, I think that it should make operating bots on a wide scale much more expensive. Second, if you make money out of bots coming into your website, would you really care that they are bots? I assume that the reason someone would block bots from the first place is that bots harm their money making business. If you had a system to collect this money back, shouldn't this considered as a problem solved?

I am working these days on a decentralized payment system that supports micro-payments. (I promise there are no blockchains inside). Solving the captcha thing can be a very useful use case. I will be happy if anyone wants to join forces on this one (My email is real (at) freedomlayer (dot) org).

I and I think most people would be happy to pay a small amount to each site we visit, but payments system to make the idea practical just doesn't exist. I for sure am not going to hand out my CC number everywhere; it's inconvenient, it's intrusive (full legal name, address, phone number), and I have no idea how securely and for how long they store that information.

I would really love to see a way to make small payments to sites that I visit simply and all managed in one place.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact