Wave goodbye to checkbox verification tests
Google has marked a new development in the ongoing fight against bots, spam, and online abuse with the launch of reCAPTCHA v3.
The latest version of the tech firm’s popular user verification tool shuns the ‘I’m not a robot’ checkbox authentication model in favor of an intelligent, score-based system.
In v3, the reCAPTCHA JavaScript API returns a risk analysis score for each request, based on site interactions.
Site owners can decide what action to take for low-scoring results, such as requiring email verification for risky logins, sending spammy posts to moderation, or filtering out fake friend requests.
Importantly, given that reCAPTCHA v3 will never interrupt users, Google said web admins can now integrate it wherever they like across their sites without fear of having an impact on conversion rates.
“reCAPTCHA works best when it has the most context about interactions with your site, which comes from seeing both legitimate and abusive behavior,” Google said in the v3 developers’ guide.
“For this reason, we recommend including reCAPTCHA verification on forms or actions as well as in the background of pages for analytics.”
Developed by academics at Carnegie Mellon University in 2007, Google purchased reCAPTCHA in 2009.
Over the years, the service has received numerous improvements, moving from type-the-word challenges to ones that pulled images from Google Street View.
Version 2 of the service was rolled out in 2014, introducing the now well-known verification checkbox, which uses a closely-guarded authentication algorithm.
In a promotional video for reCAPTCHA v3, Google said: “The reCAPTCHA... checkbox changed the way to protect your websites, but its one-time verification doesn’t fit every use case.
“reCAPTCHA v3 does away with the need for interactive tests and gives you a score to let you know when you have risky traffic. It never interrupts users, so you’re in control of when to run risk analysis and what to do with the results.”