reCAPTCHA has defended the web for more than 14 years, and is protecting more than 5+ million websites on the Internet today. The heart of our mission has always been to be hard on bots and easy on humans. This is a challenge that evolves with all the new ways the web can be used and the increasing sophistication of bots. reCAPTCHA started with simple warped text. As bots got smarter, reCAPTCHA provided harder images for end users to solve. We recognize this race between the intelligence of AI and humans has made the users’ experience increasingly challenging. So, in the latest version of reCAPTCHA, reCAPTCHA Enterprise, we’ve created a new detection method that provides a frictionless experience for users, but is still effective at identifying bots.
reCAPTCHA Enterprise has been built on two primary principles that put end users first:
- Protect users
- Provide a frictionless user experience
Today, reCAPTCHA Enterprise is a pure security product. Information collected is used to provide and improve reCAPTCHA Enterprise and for general security purposes. We don’t use this data for any other purpose.
reCAPTCHA Enterprise has codified these requirements in our terms, which restrict reCAPTCHA Enterprise to be used to fight spam and abuse. It cannot be used for other purposes such as determining credit worthiness, employment eligibility, financial status, or insurability of a user. Additionally, none of the data collected can be used for personalized advertising by Google.
reCAPTCHA Enterprise has also increased the number of features, including integrated multi-factor authentication and password check, to protect against account takeovers and keep end users safe. You can learn more about this use case in a recent blog.
Provide a Frictionless User Experience
Since reCAPTCHA Enterprise was launched in 2018, the priority has been to integrate into as many web pages on a website as a frictionless solution. This means end users do not have to identify crosswalks or decrypt text before proceeding on a web page. reCAPTCHA Enterprise detects bots by observing on-page behavior rather than having users solve tests. reCAPTCHA’s adaptive risk analysis engine identifies attacker patterns more accurately by looking at activities across different pages on a website. This is more difficult for bots to mimic and reduces user friction. This can help improve your business’ individual goals such as customer satisfaction and brand loyalty.
The Future: A Total Fraud Solution
As reCAPTCHA Enterprise is now a frictionless solution, it can be installed across a website’s entire user experience to detect fraud and abuse. Users will be able to interact with a website secured by reCAPTCHA Enterprise without having to solve additional challenges or otherwise be impeded. Recognizing companies’ need for an integrated fraud solution, the reCAPTCHA Enterprise team is working to build a complete and integrated set of tools to defend against fraud all the way from a pageview, to login, through the final payment. This will not only provide a single solution for our customers to adopt, but it will also provide an integrated view of fraud across all user actions.
By: Cy Khormaee (Head of Product reCAPTCHA) and Aaron Malenfant (Technical Lead reCAPTCHA)
Source: Google Cloud Blog