The Gausebeck-Levchin test is one of the earliest uses and the first commercial application of CAPTCHA, a Completely Automated Public Turing Test for separating computers and humans. Created by engineer David Gausebeck and Max Levchin, the security test was utilized by PayPal in 2001. Gausebeck and Levchin didn’t invent CAPTCHA, which was developed by Carnegie Mellon researchers in 1999, but their version was the first to scale. The Gausebeck–Levchin test displays distorted text that is difficult for programs but easy for humans to recognize.
The rapid rise of PayPal led to it being targeted by fraudsters using bots to create accounts. As Chief Technology Officer of PayPal, one of Max Levchin’s responsibilities was keeping the PayPal service safe and free of fraud. Levchin immersed himself in chat rooms and online forums where people targeting PayPal spent time. He found varying levels of sophistication among the company's attacks, with some using bots to open a large number of new accounts, taking advantage of the company's $10 and $20 bonuses. Levchin and his team began looking for a solution to the problem of bots on PayPal.
David Gausebeck, an engineer on Levchin's team, suggested a test based on deciphering images, in particular OCR—Optical Character Recognition. Levchin had seen hackers use distorted words on the Usenet and other forums he frequented. Gausebeck recalls:
So I was thinking that night about, What are problems that are easy for a human to solve and hard for a computer solve?... And recognizing letters seems the archetypal example of that. I wrote an email to Max saying 'Why don't we put images of characters and require a user to them in? And that'll be hard to automate'
Gausebeck said by the time he arrived at the office the next day, Levchin was already halfway through building it.