
Google’s updated Recaptcha deters bots without imposing verification tasks


Google has updated its Recaptcha verification tool to its third version, allowing website owners to weed out harmful traffic generated by bots without even requiring visitors to prove they’re human. The change also makes it easier for website visitors to log into their favorite sites without the wasted time and frustration of having to solve a puzzle to prove they’re a real human each time.

Google originally designed Recaptcha to help websites confirm that their traffic came from human visitors and to filter out robots that generate spam or automated abuse, but the search giant said that “the one-time verification didn’t fit every single use case.” Rather than requiring users to perform interactive tests — like clicking on a checkbox on a login page to prove that they’re a human — Recaptcha v3 now generates a score so website owners can determine if their traffic originated from bots.

“Recaptcha v3 returns a score for each request without user friction,” Google said of the update on its developer page. “The score is based on interactions with your site and enables you to take an appropriate action for your site.” Recaptcha ranks traffic and interactions on a scale of 0.0 to 1.0, with 1.0 indicating a good interaction and scores closer to 0.0 indicating a high likelihood that the traffic was generated by bots.

Website owners can generate scripts to perform automated actions based on the traffic score. For instance, if Recaptcha v3 returns a low score, a website owner can use a script to require two-factor authentication or email verification as a login requirement for their sites. “As Recaptcha v3 doesn’t ever interrupt the user flow, you can first run Recaptcha without taking action and then decide on thresholds by looking at your traffic in the admin console,” Google added. “By default, you can use a threshold of 0.5.”
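An added example, not code from Google or from this article, of the server-side policy described above: the token is checked against the reCAPTCHA `siteverify` endpoint and a low or untrusted score triggers a step-up such as two-factor authentication or email verification. The function names, the `login` action, the `example.com` hostname, the `>=` comparison against the threshold and the sample replies are assumptions made for illustration.

```python
import json
import urllib.parse
import urllib.request

VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify"
DEFAULT_THRESHOLD = 0.5  # the default threshold quoted in the article

# Constructed sample siteverify replies (not captured from real traffic).
SAMPLES = [
    {"success": True, "score": 0.9, "action": "login", "hostname": "example.com"},
    {"success": True, "score": 0.1, "action": "login", "hostname": "example.com"},
    {"success": True, "score": 0.9, "action": "review", "hostname": "example.com"},
    {"success": False, "error-codes": ["invalid-input-response"]},
]


def verify_token(secret, token, remote_ip=None):
    """POST the client token to siteverify and return the parsed JSON reply."""
    fields = {"secret": secret, "response": token}
    if remote_ip:
        fields["remoteip"] = remote_ip
    body = urllib.parse.urlencode(fields).encode()
    with urllib.request.urlopen(VERIFY_URL, data=body, timeout=5) as resp:
        return json.load(resp)


def decide(reply, expected_action, expected_host,
           threshold=DEFAULT_THRESHOLD, enforce=True):
    """Return (verdict, applied); each is 'allow' or 'step_up' (2FA / email)."""
    # Fail closed: a rejected token, or one issued for a different action or
    # host, says nothing about this request, so it never counts as a good score.
    score = reply.get("score")
    trusted = (reply.get("success") is True
               and reply.get("action") == expected_action
               and reply.get("hostname") == expected_host
               and type(score) in (int, float))
    verdict = "allow" if trusted and score >= threshold else "step_up"
    # Observation mode (enforce=False): keep the verdict for logging but let
    # the request through, so thresholds can be tuned before enforcing.
    return verdict, (verdict if enforce else "allow")
```

Running with `enforce=False` first matches the approach Google describes: record verdicts, review the score distribution in the admin console, then pick a threshold and turn enforcement on.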

In a YouTube video demonstrating how Recaptcha v3 works, Google said that the verification can be added to different parts of a website, including logging into accounts, posting reviews, or checking out to make purchases. When applied to product review pages, Recaptcha helps maintain the integrity of the website by identifying and filtering fake reviews posted by bots.

“Recaptcha’s adaptive risk analysis engine takes in various signals about the interactions and predicts the likelihood the request was generated by a bot,” Google said. “It works best with context about how both humans and bots interact with your website. So for best performance, include Recaptcha in many places.”

For users and web surfers, the best part about Recaptcha v3 is that it eliminates friction when logging into sites: they no longer have to prove that they are human by checking a box, typing in verification codes that are difficult to read, or solving puzzles.

Chuong Nguyen