Privacy and security on the internet have become major concerns for both individuals and businesses in recent years. Users want to browse and access content freely without having their data collected or tracked. Meanwhile, website owners need ways to validate that site visitors are real human users, not bots or attackers. This has traditionally led to the rise of CAPTCHAs – those clunky “I’m not a robot” checks that annoy users and harm accessibility.

Now a new technology called Private Access Tokens (PATs) aims to address this problem. PATs allow users to prove their authenticity without revealing personal information or completing CAPTCHA challenges. In this post, we’ll take a comprehensive look at how PATs work, including their benefits and limitations and their lack of ability to judge between bots vs humans. We will consider what the future will hold for this emerging standard when combined with more comprehensive proof-of-work strategies provided by Friendly Captcha.

What are Private Access Tokens and How Do They Work?

Private Access Tokens are cryptographic tokens that can be used to validate users and devices without collecting or sharing identifying data. They are an extension of the Privacy Pass protocol currently being standardized by the IETF.

Four key parties are involved in the PAT architecture:

  • Client – The user’s browser or app making requests.
  • Mediator – An entity that authenticates the client and requests tokens, usually the device/platform vendor.
  • Issuer – Generates and signs the PATs after vetting requests.
  • Origin – The website or app being accessed by the client.

Here is an overview of the steps involved when a client requests access to an origin website:

  1. The origin site returns a 401 status code, asking the client to present a valid PAT.
  2. The client’s browser or app forwards this request to the mediator along with authentication.
  3. After the mediator has verified the client’s authenticity, it sends an anonymized token request to the issuer.
  4. The issuer checks that the request meets the origin’s policies. If so, it cryptographically signs a PAT and returns it to the mediator.
  5. The mediator forwards the PAT to the client.
  6. The client sends the PAT to the origin in its request headers.
  7. If the PAT signature is successfully verified, the origin allows the client to access the protected resource.

This tokenized approach allows user validity to be confirmed without the origin ever seeing identifying details. The PATs themselves reveal nothing about the client’s identity. The mediator and issuer similarly cannot correlate tokens with specific sites visited. An interesting article about PATs, which are not entirely uncritical, can be found here.

Benefits of Private Access Tokens

PATs offer a number of initial advantages both for end users and site owners:

  • Improved privacy – Users don’t have to expose personal information or get tracked across sites. Data stays compartmentalized between the mediator, issuer, and origin.
  • Better accessibility – Eliminates the need for visual CAPTCHAs that cause challenges for users with disabilities.
  • Smoother UX – No more annoying CAPTCHA prompts and delays for legitimate users.
  • Easier adoption – Websites don’t have to build or maintain custom SDKs. The validation happens transparently.
  • Mobile optimization – Apps can validate users without CAPTCHAs that don’t work well on small screens.
  • Bot resistance – PATs signal that requests come from authentic devices, not bots or emulators.

When implemented properly, PATs enable a frictionless user experience without sacrificing security. Tech platforms such as Apple and Google are actively collaborating to standardize and promote adoption of this technology.

Concerns and Limitations Around Private Access Tokens

However, some challenges and open questions remain regarding the use of PATs:

  • Partial Client support – PATs currently only work on iOS 16+ and MacOS Ventura+ until other platforms roll out support. Globally, most users cannot yet utilize them. Firefox on desktop, with a 15% marketshare in the EU, has an official position of “defer”, pending further spec development of privacy controls.
  • Partial solution – PATs signal authenticity but don’t definitively determine humanity. Additional signals are still needed. Bots will still operate on Genuine Apple or Google hardware with an iCloud or Google Account. Bots may still appear on other popular browsers, such as Firefox.
  • Mediator reputation – Issuers rely on mediators thoroughly vetting client identities. A weak mediator could enable abuse, or worse, multiple weak mediators.
  • Multiple identities – The PAT architecture does not enforce strong constraints around the definition of a Client identity and allows it to be defined entirely by a Mediator. If a user can create an arbitrary number of Client identities that are accepted by one or more Mediators, a malicious user can easily abuse the system to defeat the Issuer’s ability to enforce per-Client policies.
  • Linkability – While difficult, PAT correlation by fingerprinting factors may still be possible. For example, multiple keys can be used to segment users with arbitrary granularity, until the specification limits the number of keys that a server can use.
  • Configurability – Sites must determine what endpoints warrant PAT validation and protection. A user landing on any protected page will undergo the initial PAT handshake, creating a noticeable latency which is likely to have a financial impact from poor user experience and a weaker SEO/SERP ranking.
  • Token hoarding – As PAT usage grows, restrictions like device limits may become necessary to prevent token hoarding. Because PATs are anonymous and reusable tokens not permanently tied to specific users or devices, an attacker could potentially obtain a large stockpile of valid PATs through various malicious means. The attacker could then distribute these hoarded tokens to an army of bots or compromised devices, allowing them to bypass PAT-protected access controls on websites at scale since the sites have no way to identify the illegitimate source of the tokens. This threat of token hoarding highlights the need for implementing PATs cautiously alongside other robust bot detection and defense signals, rather than over-relying on PATs as a single passive signal that can be abused to overwhelm access controls.

While promising, PATs are not a magic bullet against all bots, fraud, and abuse. Implemented judiciously alongside other security measures, they can enhance user privacy without opening significant vulnerabilities. But reliance on PATs as a sole signal could ultimately undermine security goals.

Friendly Captcha: Our Perspective on Private Access Tokens

At Friendly Captcha we recognize the potential benefits of Private Access Tokens. However, given the nascent state of this technology, we believe a cautious approach is warranted.

For the foreseeable future, our products will continue primarily relying on established proof-of-work and bot detection capabilities, drawing in PATs as yet another signal as needed. As PAT adoption spreads, we plan to selectively integrate support in order to reduce friction for users of supported clients. However, we will ensure critical flows such as account signup and login retain robust validation methods including server-side fingerprinting and adaptive ML models.

Additionally, we are closely monitoring developments around the PAT standard, issuer landscapes, and mediator best practices. We want to encourage the responsible evolution of this technology before fully embracing it. As PATs become more battle-tested and capable of deterring sophisticated attacks at scale, we will expand our integration and usage accordingly.

In summary, we are enthusiastic about PATs’ potential but feel more learning and rigor is required around real-world efficacy, security, and privacy impact. By taking a prudent stance now, we can implement PATs safely over time without putting our customers or users at undue risk.

The Friendly Captcha PAT roadmap

Here are some of the key focus areas as we continue exploring PAT adoption:

  • Experimenting with prototype integrations in low-risk contexts to gain hands-on experience.
  • Developing strategies to selectively utilize PATs in user flows where they can enhance privacy without severely compromising security.
  • Closely tracking the standardization process and watching for any evidence of vulnerabilities or exploits.
  • Evaluating different issuers and mediators to determine optimal partnerships.
  • Exploring emerging complements like Google’s Private State Tokens framework that add adaptability.
  • Monitoring client support expansion to gauge real-world PAT viability across our user base.
  • Researching supplemental techniques like intelligent throttling that deter PAT abuse.
  • Planning awareness campaigns to educate customers and users on when and why PATs may come into play.

Our roadmap is to judiciously ramp up PAT usage in line with increasing platform support and proven security at scale. We want customers and users to enjoy the benefits without unnecessary risks.

Conclusion: The Road Ahead for Private Access Tokens

Private Access Tokens have the potential to meaningfully improve both user experience and privacy on the modern internet. However, realizing this potential will require responsible implementation and further maturation.

At Friendly Captcha we believe the way forward is to integrate PATs slowly rather than rushing into global dependence on them. With cautious use complementing robust legacy methods, PATs can be safely leveraged to enhance security and privacy over time.

We are committed to keeping customer needs and ethical data standards front and center throughout this process. Private Access Tokens are a promising development, but ensuring they are adopted smoothly will be an ongoing partnership between users, businesses, and technology platforms.

Protect your websites and web applications with Friendly Captcha: Experience a new level of privacy-compliant security without sacrificing user experience. Try Friendly Captcha free for 30 days and see the difference for yourself. Start Your Free Trial Today


When implemented correctly using vetted partners, PATs can securely validate authenticity. However, they should not wholly replace other bot-humanity checks. Ongoing auditing is advised.

You’ll need to retain backup options like proof-of-work or CAPTCHA. A layered approach is recommended to avoid excluding users on legacy platforms.

Monitor for sudden spikes in volume. Ensure your mediator properly vets client legitimacy. Apply throttling policies by factors like IP range.

User flows where security is critical like account registration may not be ideal PAT candidates.

Utilizing a vendor that provides privacy respecting server-side fingerprinting and behavioral analysis help fill the gaps. Emerging browser APIs like Private State Tokens and the controversial Web-Environment-Integrity also show promise for adaptable security.