This work proposes a seamless human verification mechanism that overcomes the limitations of traditional CAPTCHAs—namely, poor usability, lack of accessibility, vulnerability to automated attacks such as CAPTCHA farms, and reliance on explicit user interaction or extensive behavioral data. The approach uniquely integrates real-time thermal imaging with cryptographically bound, traceable tokens: a lightweight YOLOv4-tiny model detects human thermal signatures to confirm the presence of a genuine user, while cryptographic binding prevents token forwarding attacks. Requiring no user-solving tasks, the method simultaneously ensures privacy preservation, accessibility, and robust security. Evaluated on a low-power server, the prototype achieves 96.70% detection accuracy with a verification latency of 73.60 milliseconds. User studies demonstrate its significant superiority over reCAPTCHA v2 in terms of accuracy, speed, and overall usability.

CAPTCHAs remain a critical defense against automated abuse, yet modern systems suffer from well-known limitations in usability, accessibility, and resistance to increasingly capable bots and low-cost CAPTCHA farms. Behavioral and puzzle-based mechanisms often impose cognitive burdens, collect extensive interaction data, or permit outsourcing to human solvers. In this paper, we present ThermoCAPTCHA, a novel privacy-preserving human verification system that uses real-time thermal imaging to detect live human presence without requiring users to solve challenges. A lightweight YOLOv4-tiny model identifies human heat signatures from a single thermal capture, while cryptographically bound traceable tokens prevent forwarding attacks by CAPTCHA farm workers. Our prototype achieves 96.70% detection accuracy with a 73.60 ms verification latency on a low-powered server. Comprehensive security evaluation, including MITM manipulation, spoofing attempts, adversarial perturbations, and misuse scenarios, shows that ThermoCAPTCHA withstands threats that commonly defeat behavioral CAPTCHAs. A user study with 50 participants, including visually challenged users, demonstrates improved accuracy, faster completion times, and higher perceived usability compared to reCAPTCHA v2.