Google Introduces reCAPTCHA 2

Security/ 04th Dec 2014/Dan Miller

Yesterday Google has released its new version of reCAPTCHA, a service it acquired back in 2009. Since Google acquired reCAPTCHA not much has changed until now.

What is reCAPTCHA?

reCAPTCHA is probably one of the most advanced CAPTCHA dialogs. It has been well renowned for its accuracy in preventing bots from submitting forms, but making it easier for humans to submit legitimate content. It uses snippets from news articles and books, splits them in to two separate words or a group of numbers and asks the end user to enter the text. Upon the correct text being entered, the user is able to submit the forms.

What is reCAPTCHA 2?

reCAPTCHA2 is the latest version of reCAPTCHA, launched to the public on 03rd December 2014. The latest version has taken feedback accumulated over the years, mostly feedback based on how horrific the user experience is when entering CAPTCHA text each time you wish to register to a website or use a contact form.

The latest version redefines CAPTCHA by the CAPTCHA software using Advanced Risk Analysis which “considers a user’s entire engagement with the CAPTCHA—before, during, and after—to determine whether that user is a human” – a somewhat easy task for Google based on the amount of information it holds. You simply click the checkbox, Google does the analysis in the background and determines whether or not you are legitimate or to issue a further set of questions to verify the legitimacy of your presence on the internet.

recaptcha2

So far with our initial testing, it appears that being logged in to a Google account is the biggest advantage. I found when not logged in to my Google account, I was prompted to enter the original-style CAPTCHA text as opposed to the one-click verify when I was logged in. We are sure there are other various factors considered such as ‘location’ of IP address.

Google have also made reCAPTCHA more mobile friendly. Away with entering text on mobile devices, you are now prompted with a ‘match the image’ problem to solve. Simply match a picture of a cat with the cat, match a picture of a leaf with a leaf, you get the gist.

Mobile Captcha

 

Why should I use CAPTCHA, or reCAPTCHA for that matter?

Good question! If you run any dynamic forms on your website such as contact forms, register pages, send to a friend links – basically anything that could potentially be open to abuse by sending lots of requests to generate a lot of data, these would all benefit from CAPTCHA implementation.

As mentioned above, reCAPTCHA is one of, if not the best in the industry. There are some very keen people working on the project and it’s all in a bid to better the internet.

We come across sites daily without CAPTCHA, and the developer / owner rarely notices that their site may actually be spamming people under their branding. Forums are usually the most susceptible to these kind of attacks, encouraging bots to sign up and start posting to the site. Stopping the bots signing up is relatively easy with reCAPTCHA and a lot of the big players in the forum software industry have either plugins or native support for reCAPTCHA.

For more information on reCAPTCHA, click here.

Born a northerner, matured a southerner and back to being northern again, Dan heads up the technical infrastructure at Clook. Dan has no children yet. It's hard enough as it is to look after his cats!
We have a very strong team here at Clook and we build on everyone's strengths and weaknesses, you have to be able to make a good brew too!

Chris James

Customer Login

Forgot Password? Cancel