Google, on Dec 3, 2014 brings up an improved version of reCAPTCHA - The "No CAPTCHA reCAPTCHA". Vinay Shet, Google's Product Manager for reCAPTCHA, announced the launch of a new API that will utilize an "Advanced Risk Analysis Engine" capable of weeding out spammers while accurately differentiating between human users and bots.
In an effort to make life easier for users, Google's new service will no longer ask anyone to parse blurry texts or retype fuzzy numbers from graphic images to prove that they're human. Instead, Google can now recognize you're not a robot with just a single click i.e. a simple check-box that asks you to agree you're not a robot. This is how it looks -
Credits- Google's online security blog
The new interface gets rid of complex reCAPTCHA challenges and simplifies it to a simple checkbox that beats the traditional reCAPTCHA with 99.8% accuracy.
To most of the users, the new No CAPTCHA reCAPTCHA API may sound too simple and easy from front-end. However, there is a high degree of sophistication & complexity involved in the back-end i.e. behind the simple checkbox. To ensure better experience for users, Google started working on the project last year and developed an Advanced Risk Analysis backend for reCAPTCHA that thoroughly scans the entire engagement of the user with the CAPTCHA to determine whether the user is not a robot.
From over a decade, CAPTCHAs have successfully relied on complex challenges and distorted texts to identify robots. But the new simplified checkbox cuts down the annoyance factor of alphabet soup scramble
But the reason Google started to find an alternative to fuzzy CAPTCHA is the Artificial Intelligence technology that can now solve complex distorted text at 99.8% accuracy while it no longer remains a dependable test.
How does Google's New No CAPTCHA reCAPTCHA work?
Many of you might be thinking- why can't robots (especially browser-based bots) automate the simple click if they can identify complex strings of distorted texts?, how can Google's New No CAPTCHA reCAPTCHA API claim to detect spammers with 99.8% accuracy?
The answer to all these questions is the Advanced Risk Analysis Engine that Google is using in backend to speculate mouse movements (prior to clicking and after clicking), track the path how users are moving their cursors; scan through browser cookies, click location history, keystrokes, scrolls and browser fingerprints. While faking the "organic" behaviour is difficult for bots, users can be assured that the new NO CAPTCHA reCAPTCHA will emerge successful in swatting bots.
The EXTRA VALIDATION Step: If after the click, Google is unsure whether you're a bot or a human, and smells something fishy, it will stick to the old styled CAPTCHA validation on desktops and image clue styles for mobile devices or tablets (images will be shown to you for comparison and Google will verify it with a single tap). This is how it appears -
Once Google shows this extra validation step, it starts an expiration timer so as to prevent bots from solving CAPTCHAs.
Should you adopt the new No CAPTCHA API on your site?
Developers can now implement the newly launched API by embedding only three lines of code (if you're already using the old CAPTCHA service) in order to experience the new No CAPTCHA reCAPTCHA.
So far, the new No CAPTCHA experience has been tested by a couple of websites like Snapchat, Wordpress and the Humble Bundle and is seeing great results. As per various sources, in the past week, Google is touting 60% of the Wordpress site traffic and 80% of Humble Bundle's traffic with the new reCAPTCHA service.
To implement the new API on your Wordpress site, you can simply add a new plugin that inserts Google's No CAPTCHA reCAPTCHA to protect their WP login, comment and registration forms from spam. Here is the direct download Link - https://wordpress.org/plugins/no-captcha-recaptcha/ . Just install the plugin, go to the setting page, simply paste it in your Google reCAPTCHA keys section and click the "Save All Changes" icon.
Then select the type of form in which you want to add the No CAPTCHA protection and you're all done.
We hope to see more internal changes to the Google's Risk Analysis engine in the coming year that will put forth new, more mobile friendly CAPTCHAs. Stay tuned to our news section for forthcoming news and useful information!!