Rather eye-opening study here from MIT.
The premise is that site-authentication images increase security because customers will not enter their passwords if they do not see the correct image, said Stuart Schechter, a computer scientist at the M.I.T. Lincoln Laboratory. From the study we learned that the premise is right less than 10 percent of the time.
Source: Study Finds Security Flaws on Web Sites of Major Banks – New York Times
It will be interesting to see the responses of those banks that use PassMark.
My first question is ‘who commissioned the study?’. This may provide some clues as to where this came from, the motivation, and whether it is objective or not.
I would add in defense of PassMark (owned by RSA) that the picture validation is a very small component of the overall security architecture, both within PassMark and alongside the other security measures banks implement. This survey chooses to deal with one aspect only.
DISCLOSURE: I have no connection with RSA or PassMark. I have worked with them in a vendor relationship in the past, to implement their solutions.
