How reCAPTCHA v3 turns a page visit into a 0.0 to 1.0 risk score: the grecaptcha.execute flow, the action tags, the signals Google admits to, the reason codes, and why the score is really a reputation lookup.
Traces how reCAPTCHA v2 actually works: the anchor checkbox, the bframe image-grid challenge, the api2 anchor/reload/userverify endpoints, and the g-recaptcha-response token from issuance to its two-minute expiry.
What reCAPTCHA Enterprise adds over the free v3 tier: reason codes, Account Defender, MFA, eleven score levels, password-leak detection over private set intersection, the assessment API, and the per-assessment pricing model.
A head-to-head technical comparison of hCaptcha and reCAPTCHA: how each scores traffic, where their score scales invert, the image-challenge design, the privacy split, and the 2020-era migrations that put hCaptcha on millions of sites.
Twenty-eight years of trying to tell humans from machines, traced through the original patents, papers, and announcements. Distorted text, reCAPTCHA, the checkbox, invisible scoring, signed agents.
How reCAPTCHA went from a crowdsourced OCR project at Carnegie Mellon in 2007 to Google's invisible risk-scoring engine, traced through the original Science paper, announcements, and version changes.