
The history of FunCaptcha and Arkose Labs: gamifying the Turing test

Copyright: MIT
[Image: FunCaptcha wordmark with an orange rotate-to-upright puzzle motif]

Most CAPTCHA vendors sell you a Turing test. Show the visitor a warped string or a grid of crosswalks, score the answer, decide human or machine. FunCaptcha started from a different premise, and the premise was almost a joke: what if you handed the bot a little 3D puzzle, watched it flail, and made the flailing expensive? Not impossible. Expensive. A bot can eventually solve a rotate-the-animal puzzle. The question Arkose Labs kept asking was whether it could afford to solve a million of them, each one slightly different, each one demanding a freshly executed script and a fresh round of GPU inference, all to register one throwaway account that nets a few cents of fraud.

That reframing, from “prove you are human” to “prove you can afford to be here,” is the through-line of this company’s whole history. It runs from a game developer in Brisbane who got bored of machine-vision demos, through a rebrand that buried the cheerful name under a Greek place-name, to a verification layer that now sits in front of Twitter signups, Roblox logins and the ChatGPT message box. This post follows that arc. We start with Kevin Gosschalk and the original swipe-and-rotate challenge, then the SwipeAds-to-Arkose rename and the “bankrupt the business of fraud” thesis it was built to sell, then the MatchKey challenge suite and how a single puzzle expands into hundreds of thousands of labelled images, then the token flow that ties a solved puzzle to a server verdict, and finally where the product sits in 2026 after the AI-agent wave arrived.

A game developer who got bored of machine vision

Kevin Gosschalk trained as a game programmer, not a security engineer. He holds a Bachelor of Interactive Entertainment in programming and game design from the Queensland University of Technology, and his early work sat at the intersection of interactive machine-vision technology and video games, the kind of project where a camera tracks your hand and a character on screen moves. That background matters, because it shaped the way he thought about CAPTCHAs from the start. To a game designer, a challenge is something you tune for difficulty and fun, not something you bolt on as a gate. The puzzle is the product.

Before Arkose existed under any name, Gosschalk ran a company called SwipeAds, founded around 2013 and aimed at ad fraud. The verification idea grew out of that work. The first commercial form, FunCaptcha, appeared in the mid-2010s as a deliberate reaction to the text CAPTCHAs everyone already hated. Instead of transcribing a smeared word, you rotated an image of an animal or an object until it sat upright, dragging in increments until the orientation looked right. The pitch wrote itself: it was faster, it worked on touchscreens where typing distorted text is miserable, and it did not lean on the user’s ability to read English. By the time independent researchers got hold of it, the challenge had a clear shape. A 2017 study in Computers & Security analysed FunCAPTCHA as a rotation task, where the user adjusts an image in fixed angular steps until it is vertical, and built a machine-learning attack against exactly that geometry.

[Figure: timeline. 2013 SwipeAds; ~2014-15 FunCaptcha; 2016 Arkose rebrand; 2021 $70M Series C; 2022 MatchKey; 2026 Titan.]

*Key dates from SwipeAds through the Arkose rebrand to the 2026 Titan platform. The 2014-15 FunCaptcha launch window is approximate; Arkose has not published an exact first-release date.*

It is worth being honest about that 2017 paper, because it cuts against the marketing. The researchers reported a high automated solve rate against the rotation challenge of the day, the kind of result that should have killed the product. It did not, and the reason is the whole story. Arkose never claimed a puzzle would be unsolvable. The rotation challenge could be beaten by a model trained to recognise “upright.” So could the next one, and the one after. What the company bet on was that beating each new variant cost the attacker fresh effort, and that the defender could mint new variants faster than the attacker could train against them. That is a different game from reCAPTCHA’s, and a different game from the one academic CAPTCHA-breaking papers were scoring. The history of CAPTCHA is largely a history of challenges that got broken and retired; FunCaptcha’s wager was that getting broken was survivable if breaking stayed expensive.

From SwipeAds to Arkose: the name change and the thesis under it

The rename happened around 2016. SwipeAds and the FunCaptcha brand became Arkose Labs, with Gosschalk as founder and CEO, the company moving its centre of gravity from Brisbane toward the United States while keeping engineering roots in Australia. By 2026 the company lists its US headquarters in San Francisco with offices in Brisbane, London and Costa Rica. “Arkose” is a geology term, a coarse sandstone, which tells you nothing about CAPTCHAs and everything about wanting to be taken seriously by enterprise buyers who were not going to write “FunCaptcha” into a security architecture diagram.

The rename came with a thesis the company has repeated almost word for word ever since. The phrase Arkose uses is that it “bankrupts the business model of fraud.” The argument runs like this. A fraudster running fake-account creation, credential stuffing or scalping is a business. That business has unit economics: cost per attempt against revenue per successful attempt. Most defences try to detect and block, which is a classification problem the attacker can chip away at. Arkose’s claim is that classification alone cannot win, because a sufficiently motivated attacker will eventually pass the classifier, and the moment they do, the cost of the next million attempts drops to near zero. The company’s own framing, from its blog, is blunt: “the only durable response is making attacks cost more than they’re worth,” and detect-and-block “can’t change those economics.” The CAPTCHA, in this telling, is not a Turing test. It is a meter that charges the attacker compute and time on every single attempt, whether or not any individual attempt succeeds.

This is why the company talks about a CAPTCHA as a “cost-proof solution, not a Turing test.” The distinction is real and it shapes the engineering. If your goal is a perfect human-bot classifier, you optimise the challenge for human-easy and bot-hard, then panic when a model closes the gap. If your goal is to impose cost, you optimise for variety and for forcing honest client-side execution, and a model that solves one variant is merely the start of a treadmill you control. The economics of running an anti-bot vendor reward whoever can keep that treadmill spinning cheaply on the defence side while keeping it expensive on the attack side.

It is useful to put this next to reCAPTCHA, because the two products represent the two answers the industry gave to the same problem. Google’s reCAPTCHA spent its early life as a Turing test that also did useful labour: transcribing scanned books, then street numbers, then training image classifiers off the click-the-traffic-lights grid. Its trajectory, traced in the history of reCAPTCHA, moved toward invisibility, scoring sessions in the background and only showing a challenge when the risk signal demanded it. The puzzle, in reCAPTCHA’s world, became a fallback. Arkose went the other way. It kept the interactive challenge at the centre and treated it not as a labelling chore or a classifier but as a billing event. Two companies, the same decade, opposite conclusions about what the little box in the corner of a login form is actually for. One decided the challenge was a cost to be hidden; the other decided the challenge was the product.

The reason that matters historically is that Arkose’s answer aged differently as machine learning got cheaper. When solving a grid of images costs an attacker almost nothing because a commodity model does it, a Turing-test CAPTCHA loses its grip. A cost-meter CAPTCHA degrades more gracefully, because cheaper inference lowers the attacker’s cost but the defender can raise challenge variety in response, keeping the ratio roughly where they want it. That is the bet, anyway. It is not a law of nature, and the moment defenders run out of cheaply-generated variety the bet stops paying. But it explains why a 2017 paper that “broke” FunCaptcha did not end the company, while equivalent breaks of static challenges elsewhere quietly retired them.

[Figure: two panels, each plotting attacker cost over time. Detect-and-block (classifier: human or bot?): attacker passes once -> next 1,000,000 attempts cost ~0. Cost-of-attack (meter: charge every attempt): solve one variant -> next variant costs again; cost stays high.]

*The thesis in one picture. A classifier collapses to near-zero marginal cost the moment an attacker passes it once; a cost meter aims to keep the per-attempt price high across variant churn. This is Arkose's stated model, not an independent measurement.*

The money followed the thesis. A $22 million Series B closed in March 2020, led by M12, Microsoft’s venture fund, with PayPal and USVP joining, after the company reported roughly 400% revenue growth in 2019. A $70 million Series C led by SoftBank Vision Fund 2 followed in May 2021, with Wells Fargo Strategic Capital, M12 and PayPal Ventures participating, bringing total funding to $114 million at the time. The Series C press release carried the headline verb directly: raised “to bankrupt the business of fraud.” Gosschalk framed the SoftBank tie-up around “disrupting the economic ROI for bad actors.” Australian press later put the cumulative raise around $180 million across investors that by then included SoftBank, Microsoft, Wells Fargo, Sony and PayPal.

The challenge, and why variety is the weapon

So what does the puzzle actually do, mechanically? The visible part is a small interactive task rendered in an iframe. Over the years it moved from rotating a single image to the broader set Arkose now markets as MatchKey, launched on 6 December 2022: pick the object matching a reference, rotate a 3D model to match a twin, count or compare items, follow a short logic instruction, or answer an audio prompt for accessibility. The point of the suite is breadth. A solver tuned for “rotate the animal upright” is useless against “select the dice that add to seven,” and useless again against a 3D twin-matching task with lighting that changes per render.

The numbers Arkose publishes for MatchKey are about hand-labelling cost, and they are the clearest statement of the cost thesis in concrete terms. The company says its strongest challenges can require an attacker to hand-label on the order of half a million individual images to train a reliable solver, which it estimates at more than 25,000 human hours. Whether those exact figures hold up under scrutiny is not independently verified, and you should read them as vendor claims. But the structure of the claim is what matters: the defender generates challenge variants procedurally and cheaply, while the attacker must assemble a labelled training set by hand for each new variant family. That asymmetry is the entire pitch, and it is the same logic that makes a CAPTCHA-solving pipeline economically fragile when the target keeps rotating its challenge set.

There is a second, quieter mechanism that matters more than the pictures. Arkose calls the model “MatchKey,” and the name hints at it: solving the visible puzzle is not sufficient. The browser also has to prove it honestly executed a script the server handed it for that session. At challenge time the client is served JavaScript, sometimes referenced in observed traffic by names containing strings like dapib, which it must run to compute a response parameter tied to the session. Skip the execution and submit a correct answer anyway, and the answer is rejected. This is the part that turns a picture puzzle into something closer to a proof-of-work and runtime-attestation check. The puzzle filters humans; the script execution filters the runtime. A headless solver that posts the right coordinates but never ran the prescribed code looks, to the server, like exactly what it is.

The token flow: from public key to verdict

The integration shape is documented well enough through Arkose’s public developer material and through third-party solver APIs that describe the fields they need. The exact internal layout of the encrypted payload is not public; what follows is the integration surface a site operator sees plus what observers consistently report, and where it is inferred from traffic rather than documented I say so.

A site that buys Arkose embeds the widget with a public key, a GUID, exposed in the page as a data-pkey attribute or as a hidden fc-token field. The widget loads from an Arkose subdomain, typically client-api.arkoselabs.com or a customer-specific variant such as the much-cited *-api.arkoselabs.com per-customer subdomains, and the service URL the client talks to is carried in a field commonly called surl. When a challenge is required, the client gathers environment signals into a blob, sometimes referred to as bda or just “blob,” and posts it to the Arkose endpoints to obtain a session and then a challenge. Solver-service documentation describes an optional data[blob] parameter that some integrations require, an enterprise-grade extra payload the host page generates and hands to the widget.

The signals packed into that blob are the usual fingerprinting set. Independent write-ups consistently list user-agent, screen and viewport dimensions, WebGL render timings, mouse-movement traces and references to previously issued tokens, bundled and obfuscated before transmission. This is the same surface every modern anti-bot agent collects, the stuff covered in detail under JavaScript runtime fingerprinting and canvas fingerprinting. What Arkose adds on top is the enforced-execution step: the blob and the challenge response only validate if the session-specific script actually ran in a real-enough environment to produce the expected computed parameter.

[Figure: flow across three lanes: host page (data-pkey, surl), widget iframe (client-api.arkoselabs), Arkose backend. Steps: session + challenge; run session script; collect blob/bda; compute match key; solve puzzle; submit answer + blob; verify; issue token.]

*The integration surface a site operator sees. Field names (data-pkey, surl, blob/bda) come from Arkose developer docs and third-party solver APIs; the internal encrypted payload layout is not published, so the compute-match-key step is inferred from observed traffic.*

When the user finishes, the widget produces a verification token, a string the host page posts to its own backend, which then calls Arkose server-to-server to confirm it. The token itself is structured and partly human-readable in observed examples, carrying the public key, a region code, and the service URL alongside the opaque verification material, something like a token value followed by r= region, pk= public key and surl= fields. The site’s backend never trusts the token on its face; it asks Arkose whether the token is valid and what verdict the session earned. That server-side confirmation is the part that makes a stolen or replayed token close to worthless, the same design principle behind server-side scoring pipelines at other vendors. The puzzle is theatre for the user. The token-plus-verification handshake is where the security actually lives, and it mirrors the broader pattern across the bot-mitigation industry of pushing the verdict to a server the client cannot influence.
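The backend side of that handshake, as an added example that is not code from Arkose or from the original post: it parses the token shape described above, runs cheap local checks, and accepts the session only on the vendor's verdict. The `|` delimiter, the `vendor_verify` callback with its `{"valid": bool}` reply, the local replay cache and all sample values are assumptions constructed for illustration.

```python
# Added example: host-backend checks around an Arkose-style verification token.
# Assumptions (not from Arkose docs): '|' as the field delimiter, the
# vendor_verify callback and its {"valid": bool} reply, the local replay cache.
from dataclasses import dataclass, field
from typing import Callable, Dict, Set, Tuple
from urllib.parse import urlsplit

SAMPLE_PK = "11111111-2222-3333-4444-555555555555"          # constructed GUID
SAMPLE_TOKEN = ("tok-good-0001|r=us-east-1|pk=" + SAMPLE_PK +
                "|surl=https://client-api.arkoselabs.com")  # constructed token


@dataclass
class SiteConfig:
    public_key: str                                # the site's own data-pkey
    surl_suffix: str = ".arkoselabs.com"           # allowed service-URL hosts
    seen: Set[str] = field(default_factory=set)    # replay cache (TTL store in production)


def parse_token(raw: str) -> Dict[str, str]:
    """Split 'value|r=..|pk=..|surl=..' into a dict; reject odd shapes."""
    head, *rest = raw.strip().split("|")
    if not head:
        raise ValueError("empty token value")
    fields = {"value": head}
    for part in rest:
        key, sep, val = part.partition("=")
        if not sep or not key or key in fields:
            raise ValueError(f"bad field {part!r}")
        fields[key] = val
    return fields


def precheck(raw: str, cfg: SiteConfig) -> Tuple[bool, str]:
    """Cheap local checks; they never replace the server-to-server call."""
    try:
        f = parse_token(raw)
        url = urlsplit(f.get("surl", ""))
    except ValueError as exc:
        return False, f"malformed: {exc}"
    if f.get("pk") != cfg.public_key:
        return False, "public key mismatch"
    if url.scheme != "https" or not (url.hostname or "").endswith(cfg.surl_suffix):
        return False, "unexpected service URL"
    return True, "ok"


def accept_token(raw: str, cfg: SiteConfig,
                 vendor_verify: Callable[[str], dict]) -> Tuple[bool, str]:
    """Gate a request on the vendor's verdict, never on the token's own fields."""
    ok, reason = precheck(raw, cfg)
    if not ok:
        return False, reason
    if raw in cfg.seen:
        return False, "replayed token"
    cfg.seen.add(raw)                    # burn before the call: fail closed
    if not vendor_verify(raw).get("valid"):
        return False, "vendor rejected token"
    return True, "ok"


def fake_vendor(raw: str) -> dict:
    """Stand-in for the server-to-server confirmation (hypothetical reply)."""
    return {"valid": raw.startswith("tok-good")}


if __name__ == "__main__":
    cfg = SiteConfig(public_key=SAMPLE_PK)
    print(accept_token(SAMPLE_TOKEN, cfg, fake_vendor))   # first use
    print(accept_token(SAMPLE_TOKEN, cfg, fake_vendor))   # same token again
```

The local checks only reject tokens that could never be valid for this site; a token that passes them is still untrusted until the vendor call confirms it.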

One detail worth flagging because it confuses people: not every Arkose session shows a puzzle. The system can run in a suppressed or transparent mode where, if the session’s risk signals look clean, no visible challenge appears and the token is issued silently. The visible puzzle is the high-friction fallback for sessions that look risky. This is the same two-tier idea as reCAPTCHA v3 scoring invisibly and only escalating when needed, except Arkose’s escalation is an interactive game rather than a checkbox.

Deployments: gaming first, then everything

Arkose grew up in gaming and account-fraud, which is where fake accounts and credential stuffing hit hardest. The customer list the company has named over the years reads like a who’s-who of platforms with bot problems: Microsoft as a long-time customer, plus GitHub, Electronic Arts, Sony Interactive Entertainment, Roblox, Dropbox, Singapore Airlines and Twilio across various announcements. If you have created a Roblox account or hit a login wall on a game storefront and been asked to rotate a little 3D creature, you have met Arkose.

The deployment that put the company in the general-news cycle was Twitter. Arkose’s bot protection was in place at Twitter before Elon Musk’s 2022 acquisition, and it became part of the backdrop to the whole bot-count fight that nearly sank the deal, the one where Musk accused the company of resisting his requests for data on fake accounts. Arkose was one of the few outside vendors to survive the post-acquisition cost-cutting at what became X. Gosschalk, an Australian, landed on the Financial Review Young Rich List on the back of it, the local press running headlines about the man “fighting bots for Elon Musk.” For a CAPTCHA company, that is an unusual amount of mainstream attention, and it came precisely because the bot question had become a billion-dollar contract dispute.

Then came the model that the gamified-CAPTCHA pitch was almost designed for. In 2023, OpenAI put an Arkose FunCaptcha challenge in front of ChatGPT, and users started reporting the modal appearing when they tried to send messages, especially under load or from flagged sessions. An AI company using a CAPTCHA built on the premise that AI is expensive to scale against puzzles is a tidy piece of symmetry. It also stress-tested the thesis in public. Arkose pushed a MatchKey update in early 2023 that broke a wave of automated solvers until they re-trained, a visible instance of the treadmill turning. The solvers came back, because they always do. The question was never whether they could come back. It was how much it cost them each time.

[Figure: named customers by group. Gaming / platforms: Roblox, Electronic Arts, Sony Interactive. Enterprise / SaaS: Microsoft, GitHub, Dropbox, Twilio. High-profile: Twitter / X, OpenAI / ChatGPT, Singapore Airlines.]

*Customers Arkose has named across press releases and funding announcements. Twitter/X and OpenAI (orange) are the deployments that pushed the company into mainstream news. Not exhaustive, and some relationships predate the named announcements.*

Where it sits in 2026

The product kept moving. By late January 2026 Arkose had announced Arkose Titan, pitched as a unified platform aimed not only at scripted bots but at AI agents and human fraud farms, the company arguing that the line between “bot” and “human operator paid to click” had blurred enough that a CAPTCHA challenge alone was no longer the whole answer. The cost thesis survived intact, just stretched across more attacker types. Whether you are a Python script, a browser-automation rig, an LLM agent, or a person in a click farm, the platform’s job is the same: make your next attempt cost more than the last one earned you.

That arc, from a Brisbane game programmer’s rotate-the-animal demo to a fraud platform defended by a “bankrupt the business” slogan and several hundred million dollars of venture money, is a clean illustration of how the bot-mitigation industry reframed its own problem. The Turing-test instinct, the urge to build a perfect human detector, never went away at the other vendors, and it never fully worked either, because any classifier is a target. Arkose’s contribution to the genre was to stop pretending the classifier could win and to instrument the loss. A solver will beat the current MatchKey variant. Arkose’s bet, and it is still a bet, is that by the time the solver is reliable, the variant has changed and the labelled training set is stale and the 25,000 hours have to be spent again.

There is a quiet irony in where this ended up. FunCaptcha was sold as the friendly CAPTCHA, the one that was supposed to be fun. The 3D-creature puzzles in front of a ChatGPT prompt are not fun, and nobody pretends otherwise anymore. The name “Fun” was retired into the corporate “Arkose” precisely because the product’s real value was never the user’s enjoyment. It was the attacker’s bill. Strip away the cheerful framing and what’s left is a meter, ticking up a small charge on every machine that tries to pass as a person, betting that the charges add up faster than the fraud does.

