Author: Vaidik Mandloi
Translators: Luffy, Foresight News
Since its launch in late 2022, ChatGPT has given rise to a vast ecosystem of AI agents. Currently, the total network traffic generated by such programs has surpassed that of all human users worldwide. The online behavior of AI agents is fundamentally different from that of humans: they don't view ads, click on links, or shop online. They simply scrape data from the web to complete tasks and leave immediately afterward.
The internet's original architecture and business logic were built around human behavior and usage patterns. Yet today, the vast majority of web visits are not from real people, which troubles major websites. Currently, 2.5 million websites have begun blocking AI crawlers, leading to lawsuits involving platforms like Perplexity. Cloud service provider Cloudflare has even built "honeypot labyrinths"—pages filled with AI-generated, nonsensical text in an infinite loop—to trap data crawlers.
However, some advanced AI agents have already developed the ability to bypass such protective measures. Faced with this escalating human-machine confrontation, the industry is now focused on developing a more reliable human identity verification mechanism. This system needs to accurately determine whether the operator on the other side of the screen is a human: human operation involves hesitation, typing errors, and subtle, involuntary jitters in cursor movement, characteristic of the human nervous system. This article will analyze the causes behind this shift, the two main technical approaches, and the choices people will face: accepting centralized biometric surveillance or adopting cryptographic zero-knowledge proof technology for anonymous human verification.
AI Disrupts the Internet Business Model
The root cause of websites blocking AI programs is that AI simultaneously undermines the commercial foundation on which the internet depends from two ends. Traditional internet profit logic is built on user attention: when users visit pages and view ads, content publishers earn revenue. If an AI is tasked with online shopping, it will search through 5,000 websites at once, whereas a human typically browses only four or five pages.
AI reads much faster than humans, capable of completing cross-website price comparisons or even placing orders in minutes, without generating any ad views. This means websites bear server operating costs without earning any revenue.
Simultaneously, AI search continues to divert website traffic. After Google added AI-generated summaries at the top of search results, only 8% of users clicked through to the original webpages, leading to a direct 33% drop in traffic from Google to major content sites. Within just one year of launch, this feature reached over 1 billion monthly active users, with platform query volumes doubling every quarter since its inception.
Many likely remember the learning Q&A platform Chegg. It once dominated the homework help business by leveraging its search ranking advantage but has now officially shut down its Q&A section, attributing its demise to the impact of ChatGPT. Content creators are caught in a pincer attack: on one side, crawlers scrape their content indiscriminately; on the other, AI summaries intercept traffic before users even reach the websites.
The data disparity is even more staggering. For every site visit OpenAI's crawler brings to a partner website, it previously scrapes data from 400 pages; for Anthropic, this ratio is 38,000:1. These companies freely use publicly available web data to train their AI models and then use the finished products to siphon off traffic that originally belonged to the websites.
In any other industry, such predatory data collection would have sparked countless lawsuits, but in the AI field, these companies achieve trillion-dollar valuations.
Your Body is the New Password
For the past 25 years, the internet has primarily relied on CAPTCHAs to distinguish humans from machines. People were asked to identify traffic signs or input distorted characters. This mechanism worked because machines' image recognition capabilities were far inferior to humans' in the past.
Now the situation is completely reversed. OpenAI's agent programs score far higher than humans on Google's human verification system, accurately clicking interfaces and copying/pasting content; AI-generated photos can fool identity verification systems, and deepfake video calls have even been used by criminals to complete bank transfers. The foundational premise of traditional verification methods—that machines are weaker than humans—no longer holds.
The industry must now focus on areas where AI cannot yet replicate human traits. These are the behavioral characteristics exhibited when humans operate electronic devices—behavioral biometrics. Companies like IBM and BioCatch are developing related systems. This technology verifies identity not just at login but monitors user behavior throughout the session, collecting data on cursor movement speed, page scrolling patterns, typing rhythm, keystroke pressure, text deletion/correction habits, phone holding angle, etc. The phone's gyroscope continuously records this information.
The system can also recognize details like the user's dominant hand and finger swipe trajectories. IBM needs only eight usage data points to create a unique user behavior profile, which is then continuously compared against baseline data during subsequent use.
BioCatch's technology can even identify online fraud scenarios. When a victim verbally reads out account passwords following a scammer's phone instructions, their frantic, interrupted typing rhythm is precisely captured by the system. In just one year, the system helped 257 banks identify approximately 2 million money laundering accounts. The EU has also begun piloting gait recognition technology. Just three years into the era of AI agents, EU border personnel are already collecting data on people's walking patterns.
Related research also incorporates the Stroop Effect: when the word "blue" is written in green font, the human brain experiences conflict between word meaning and visual color, slowing reaction time, but AI remains unaffected. Research shows this cognitive interference directly manifests in typing behavior. Platforms may not even need specific tests; by analyzing keystroke rhythms alone, they can determine if the operator is human. Typing habits contain unique signatures of human brain information processing.
Previous web tracking primarily recorded user browsing, clicking, and purchasing behavior. Users could evade this by blocking cookies, using VPNs, or disabling location services. However, behavioral biometrics captures innate human characteristics: cursor movement style and typing rhythm are difficult to consciously alter.
Each person's behavioral traits are as unique as a fingerprint. Unlike passwords or keys, this biometric profile cannot be changed or reset. Once this technology becomes widespread, all major platforms will be forced to adopt it. With voice simulation already capable of deceiving in calls and deepfake video technology following closely, a crucial question emerges if this is our future: who will ultimately control this human data?
Who Will Control the Human Verification System?
The industry is currently split into two main factions, each exploring human identity verification solutions.
The first is Sam Altman's World (formerly Worldcoin). Users must approach a spherical iris scanning device. The device captures iris information and generates an encrypted credential, proving the user is a unique natural person. Currently, 18 million people across 160 countries have completed iris registration. In April 2026, World partnered with dating app Tinder, video conferencing platform Zoom, and e-signature service DocuSign for user verification. It also collaborated with Coinbase to launch the AgentKit tool, allowing users to bind their AI agents to their verified identity. Platforms can confirm a human is behind the agent without accessing personal information.
However, iris scanning technology has been explicitly banned in several countries. The core reason for this resistance is that the public is unclear about the risks of authorizing biometric data collection. An investigation by MIT Technology Review also found that World, without proper authorization, privately collected multiple human vital signs data beyond the iris, including heart rate and respiration.
The second category is based on cryptographic zero-knowledge proofs (ZKPs), allowing you to prove you are human without revealing your real identity, location, or appearance. Vitalik Buterin proposed this concept as early as 2023. He argued that if a decentralized human identity system cannot be built, the internet will ultimately move toward centralized identity control. If the authority to verify identity is held by corporations or governments, surveillance mechanisms will become embedded in the network's foundation.
Large-scale attempts at decentralized human identity systems have been made before but ultimately failed. Idena was one of the first blockchain projects championing "one person, one identity." Within just two years of launch, 40% of network accounts and 48% of rewards were controlled by 23 entities. Account operation teams in places like India and Russia hired ordinary people at wages under one dollar per hour to lend their identities, reaping profits up to 55 times higher. Researchers also found that even children's identities were used as puppet accounts.
Vitalik had anticipated such risks. He stated that for human verification systems, the lowest-cost attack isn't deepfakes or advanced hacking but paying people in low-income regions to rent out their identities. Any human verification system requires financial support: iris scanners and on-chain verification nodes need ongoing investment.
Yet once identity credentials gain economic value, a black market for identity lending emerges. In a world of stark wealth inequality, the capital-rich will inevitably dominate such markets.
"Forcing a one-person-one-vote rule in a system with actual economic incentives will ultimately repeat the failures of similar social experiments in the 20th century."
Objectively, both development paths have clear flaws. The centralized approach can achieve scale but places users' biometric data in the hands of corporations prone to over-collection—corporations that themselves profit from the current bot infestation. The cryptographic approach theoretically protects privacy but struggles to overcome real-world economic imbalances, leaving it vulnerable to exploitation by gray-market industries.
If forced to choose, I would still bet on the cryptographic approach. This is because behavioral biometrics and centralized iris scanning permanently record your bodily information, and the ownership of that data belongs to the entity that deploys the system. Once they have your data, you cannot delete or transfer it; it remains locked with the company that collected it.
Even knowing zero-knowledge proofs might be exploited, they are still worth developing because they confirm you are human without requiring more information. Conversely, abandoning this path means a future where every website we visit retains our behavioral data. Today, this centralized, surveillance-prone approach is being implemented far faster than the cryptographic alternative.
