Given that at least half of the proposals here are based on variations of this scheme and the fact that the patents on the idea were issued almost 20 years ago, the chances of any particular CAPTCHA approach being the one selected as the winner seem quite small.
Computer security is actually really easy, quite trivial in fact. Provided that you only need to address one particular problem. Here the nuisance of robocalls is replaced by making the telephone system completely useless.
These PIN numbers discussed here are essentially just longer telephone numbers. So you have to either give them out to everyone with your telephone number or they have to wait on one of those awful robo-answering systems.
As for not reading the other ideas on the site. Well that is actually the whole point of the competition.
The proposal I put in is essentially 'all of the above'. The real problem with the telephone system is that it is an obsolete technology that is a pig to teach new tricks to. The real challenge is how to open up the telephone system to be more like the Internet so that it is possible for end subscribers to have more control over who calls them. In particular we have to make it possible to share intelligence on problem callers so that a nuisance caller who abuses their service ends up shredding their reputation and can't put any calls through.
Putting the burden onto users is completely unacceptable. The problem has to be solved without impact on either the caller or the receiver.
When a proposal depends on people's work ethic then it probably isn't a solution.
The reason that we succeeded with the Web was because the Web made access to Internet information really easy and the NCSA team made access to a Web browser really easy.
The reason that this is a $50,000 challenge is because they want the proposers to do the work so that the end users of the telephone system don't have to.
Each time you have to train an end user to do something it takes time and money. Some will be able to work it out from instructions but at least 5% will not figure it out and each of those will cost a $5 customer support call. With 300 million telephone users that runs to $75 million just in support calls.
A secret 4-digit pin is not necessary. One or two digits is sufficient, and you can disclose this pin (or "extension") number in the outgoing message itself.
Robots cannot dial extensions, even when they have been disclosed. Should they ever become capable of (the required voice recognition for) this there are still several ways to thwart them without creating too much inconvenience for your legitimate callers.
With the right wording added to your outgoing message, even human telemarketers are unlikely to ring through. “We do not accept any sales, political, charity, poll or market research calls. Telemarketers please hang up now.”
GabeA (Gabe1878A) posted this excellent distillation regarding the nuances to this challenge. He/She should have been a judge. The winning solutions are embarrassingly deficient ...
This problem has a lot more technical challenges than many here give it credit for:
1) You need to be able to screen ONLY robocalls out of the mix
2) You need to be able to detect who are the frequent offenders and block only them
3) you need to have a way for people that are erroneously locked out to authenticate themselves back into the phone system
4) you have to leave some tolerances for things like reverse 911 lookups, etc.
5) You need to have a totally scalable, easy to implement solution
6) You have to find a way to identify offenders so that switching numbers will not give them more than a minor (in my opinion, 3 or 4 call) advantage
7) You have to protect users' privacy.
There is no simple solution to this problem, and I'm a bit annoyed that people are proposing such simplistic, even childish, solutions.