Looking for a reCAPTCHA alternative?

Header Graphic-08

Unlike Google reCAPTCHA Arkose Labs empowers enterprises to:

deter-attacks-img

Deter sophisticated attacks long-term

increase-customer-img

Increase good customer throughput by 20%

gdpr-complaint-img

Remain GDPR compliant

Resilience to bots of all sophistication levels

Dramatically improve protection against automated threats, with AI-powered attack response that adapts with evolving attacks. Enterprise-grade protection from an intelligent platform that deploys the best response strategy for the attack signature.

reCAPTCHA Alternative
00%
uptick in good user experience

Good users are never frustrated

Robust protection against bot and fraud farm attacks without blocking or frustrating good users. Arkose Labs’ innovative approach provides a user-centric way to deal with inconclusive risk classifications and delivers an immediate impact on false-positive rates.

Get 70+ data attributes for your data model

{
  "session_risk": {
      "risk_category": "BOT-STD",
      "risk_band": "Medium",
      "global"
        {
          "score": "15",
          "telltales":[
          {
            "name": "g-h-cfp-1000000000",
            "weight": "7"
          }
          {
            "name": "g-os-impersonation-win",
            "weight": "8"
          }]
        }
        "custom"
        {
          "score": "15",
          "telltales":[
          {
            "name": "outdated-browser-yandex-2",
            "weight": "7"
          }
          {
            "name": "outdated-os-yandex",
            "weight": "8"
          }]
        }
    },
"session_details": {
        "solved": true,
        "session": "22612c147bb418c8.2570749403",
        "session_created": "2021-08-29T23:13:03+00:00",
        "check_answer": "2021-08-29T23:13:16+00:00",
        "verified": "2021-08-30T00:19:32+00:00",
        "attempted": true,
        "security_level": 30,
        "session_is_legit": false,
        "previously_verified": true,
        "session_timed_out": true,
        "suppress_limited": false,
        "theme_arg_invalid": false,
        "suppressed": false,
        "punishable_actioned": false,
        "telltale_user": "eng-1362-game3-py-0.",
        "failed_low_sec_validation": false,
        "lowsec_error": null,
        "lowsec_level_denied": null,
        "ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36",
        "ip_rep_list": null,
        "game_number_limit_reached": false,
        "user_language_shown": "en",
        "telltale_list": [
            "eng-1362",
            "eng-1362-game3-py-0."
        ],
        "optional": null
    },
"fingerprint": {
        "browser_characteristics": {
            "browser_name": "Chrome",
            "browser_version": "92.0.4515.159",
            "color_depth": 24,
            "session_storage": false,
            "indexed_database": false,
            "canvas_fingerprint": 1652956012
        },
        "device_characteristics": {
            "operating_system": null,
            "operating_system_version": null,
            "screen_resolution": [
                1920,
                1080
            ],
            "max_resolution_supported": [
                1920,
                1057
            ],
            "behavior": false,
            "cpu_class": "unknown",
            "platform": "MacIntel",
            "touch_support": false,
            "hardware_concurrency": 8
        },
        "user_preferences": {
            "timezone_offset": -600
        }
    },
"ip_intelligence": {
        "user_ip": "10.211.121.196",
        "is_tor": false,
        "is_vpn": true,
        "is_proxy": true,
        "is_bot": true,
        "country": "AU",
        "region": "New South Wales",
        "city": "Sydney",
        "isp": "Amazon.com",
        "public_access_point": false,
        "connection_type": "Data Center",
        "latitude": "-38.85120035",
        "longitude": "106.21220398",
        "timezone": "Australia/Sydney"
    },
"aggregations": {
      "ip":{
        "short_term": {
          "interval_minutes": 60,
          "count": 22,
          "threshold": 11
        },
        "long_term": {
          "interval_minutes": 720,
          "count": 22,
          "threshold": 50
        }
      }
    }
}
{
  "score": 0-100,
  "reasons": [
    enum (CLASSIFICATION_REASON_UNSPECIFIED, AUTOMATION, UNEXPECTED_ENVIRONMENT, TOO_MUCH_TRAFFIC, LOW_CONFIDENCE_SCORE)
  ]
}




Arkose Labs vs. reCAPTCHA Comparison

Detection Capabilities

FeaturesArkose LogoreCAPTCHA v3reCAPTCHA
Enterprise
Headless browser detection
Risk score
Risk score granularity100 Levels4 Levels11 Levels
Behavioral analysis
Behavioral biometrics
Device spoofing detection
Machine learning modelsAdvancedBasicBasic
Large-scale distributed crawler detection
Fraud farm detection
Truth data APIAdvancedNoneBasic
Insights / Real-time logging

Challenge-Response

FeaturesArkose LogoreCAPTCHA v3reCAPTCHA
Enterprise
Anti-bot challengeOptionalOptional
Fraud farm challenges
Machine vision resilience
Average solving time for good users5 seconds10 seconds10 seconds
Available in China
Customizable UI
Challenge typesRisk BasedFixedFixed
Accessibility optionsWCAG compliance

Platform & Security

FeaturesArkose LogoreCAPTCHA v3reCAPTCHA
Enterprise
Mobile SDK support
Data shared for risk modeling70+ fields2 fields2 fields
ManagementManaged by Arkose LabsManual for customerManual for customer
Monthly product updates
Reporting, analytics & visualizationAdvancedBasicBasic
Reason codesAdvancedNoneBasic

Services

FeaturesArkose LogoreCAPTCHA v3reCAPTCHA
Enterprise
24/7 SOC (Security Operations Center)Fully managedNoneBasic
Warranty
SLA GuaranteeBot Attack SLAUptime Only
Note: Data as of February 2022

Learn Why reCAPTCHA Enterprise is Ineffective at Stopping Sophisticated Bot Attacks

Digital businesses often complain that reCAPTCHA Enterprise has 3 major flaws: it’s not resilient to advanced bots, creates a negative user experience, and doesn’t properly secure user data.

Part of reCAPTCHA Enterprise’s appeal was that, despite its flaws, it was a free service. Now that it is no longer free for the vast majority of enterprises, what are your options?

While reCAPTCHA Enterprise fails to stop many advanced bot attacks, Arkose Labs’ market-leading bot prevention platform trumps the competition in these five major areas.

FAQs

Why is reCaptcha not good?

With the recent evolution of bots, reCAPTCHA is playing a losing battle. Even basic bots and off-the-shelf programs can easily bypass reCAPTCHA. This failure to stop bots is because reCAPTCHA has not kept pace with the evolution of bots. Some of the biggest limitations of reCAPTCHA include:

High False Positives: Most often reCAPTCHA classifies legitimate consumers as suspicious. To authenticate consumers, it introduces additional and unnecessary friction which disrupts their digital journeys. This is especially true for consumers who are not Google users or use VPNs.

Vulnerable to Advanced Bots: Advancement in image recognition software means they can solve most reCAPTCHA rather easily. Today, these solvers are easy to access and acquire. A simple web search for reCAPTCHA solvers can return several results that are available for as little as $20/year.

Pricing Model: Traditionally reCAPTCHA was free. However, reCAPTCHA Enterprise comes at a cost. Businesses must pay after the first 1 million assessments per month. These costs can be significantly high for businesses that have large traffic volumes such as eCommerce, gaming, and digital banking platforms. Even after making such large investments, they can’t rest assured of robust protection against sophisticated attacks.

Same Challenges: Although reCAPTCHA Enterprise claims to have reduced the challenges that consumers dislike, it still tests the suspicious traffic with the same, old tile-based reCAPTCHA. These old challenges are no match to the advanced bots and automated scripts and continue to frustrate legitimate consumers. Businesses can create their own challenge-response mechanism or outsource them. However, it will cost them additional time and money.

Data Privacy: To make risk decisions, reCAPTCHA Enterprise collects multiple consumer data points. Several data privacy laws across the world specify how much and what type of user data businesses can collect. Using reCAPTCHA Enterprise to collect consumer data may elevate the risk of non-compliance with these laws. Instead, businesses need a solution that collects the minimum amount of PII possible for its risk decisioning. 

Is there a way to bypass reCaptcha?

It is safe to say that reCAPTCHA is no match to evolving bots and automated scripts. Bots are increasingly evolving to become adept at solving puzzles. Advancement in image recognition software means automated solvers and off-the-shelf solutions can easily bypass reCAPTCHA. These solvers are easily available at ridiculously low prices and enjoy a high accuracy of over 70%.

Furthermore, reCAPTCHA risk analysis depends on Google cookies, which means consumers using Google products are highly likely to bypass the reCAPTCHA challenge.

How is Arkose better than reCaptcha?

Despite several attempts to improve reCAPTCHA with several versions, many lacunae and limitations still remain. The Arkose Labs Fraud and Abuse Defense Platform, on the other hand eradicates 100% of automated traffic and enables businesses to deflect attacks from skilled cybercriminals and human click farms. Arkose Labs goes beyond traditional fraud mitigation. We aim to deter fraud by bankrupting the business model of fraud. We erode the ROI from attacks, which forces attackers to give up on the attack and move on, all the while maintaining superlative consumer experience.

Here is how we do it: 

  • Accurate Classification: Arkose Labs analyzes hundreds of data points to create “telltales”, which help determine whether a consumer is suspicious or not. Our platform then segments the traffic into legitimate, a bot, or human click farm. This categorization informs the platform of any required secondary screening and the type of enforcement challenge to present.
  • Challenge and Interact: To understand the intent of traffic in a deterministic way, the platform pairs secondary screening with risk assessment. It tests and challenges high-risk traffic using interactive technology, causing all automated attacks to fail. It serves increasingly complex challenges to malicious humans, which increases the amount of time and effort it takes them to complete a challenge. This delay reduces the ROI and forces attackers to abandon the attacks. Legitimate consumers may not even see the challenges and those that do can solve it in under three seconds on an average. 

The platform can customize the type of challenge according to the nature of the human-driven attack. They can also appear as brand-specific challenges, which enhances the customer experience. Unlike reCAPTCHA, we design our challenges around gamification principles that consumers find fun to solve.

  • An Evolving Platform:  The Arkose Labs Fraud and Defense Platform combines risk assessments with challenges, which creates a continuous feedback loop. This continuous feedback improves fraud detection rates and decreases challenge rates for good users. It leverages embedded machine learning for advanced anomaly detection and evolving protection, taking the burden away from in-house teams. The feedback loop also ensures that legitimate consumers who do see a challenge, will not continue to do so in the future after they have solved it the first time. The Arkose Truth Data API can help send data to validate if a consumer ultimately was fraudulent or not, which can further train appropriate defenses for future or ongoing attacks. 

Clients also benefit from real-time logging (RTL), which is the detailed logs of user activity from Arkose Labs’ servers. These logs are sent to a client-specified endpoint, which may be a directly-run server or a third-party service designed to digest and package logging data for analysis.

Arkose Labs works on a no-block approach. Our Arkose Labs Fraud and Abuse Defence Platform instead challenges suspicious traffic. This approach drastically reduces false positives and improves good user throughput.

The platform provides powerful remediation and eradicates 100% of automated traffic, enabling businesses to deflect attacks from skilled cybercriminals and click farms.

To learn more about how we can help or to book a demo, click here.

The only platform to guarantee protection vs bots

Powerful protection against bots backed by a guaranteed mitigation SLA and industry-first $1M warranty.

Trusted by Global Brands

Hear why customers love working with Arkose Labs.

5/5
“We needed a more robust solution; we weren’t getting any insights into the data with our old solution. Arkose Labs provided us with custom data and insights that we can share across teams internally”.
Devin Ertel
CISO
“The difference between our past solution and Arkose Labs is night and day for us. Previous solutions created a bad user experience, while Arkose solves our problem with no added friction, and makes it fun for our users”.
Antoni Choudhuri
Engineering Director

“Our first line of defense against organized fraud is the Arkose Labs solution. We are delighted by the customization options and the high levels of service and attention we receive from the Arkose Labs team”.

Priya Bonthu
Engineering Leader

Stop bots, not customers.
Ready to get started?