Human Challenge: The Frictionless CAPTCHA

Researchers at HUMAN have found that 40% of real humans have at some point given up on a purchase because of CAPTCHA frustration. This is a big problem because customers are often served CAPTCHAs just at the point where they’re about to make a purchase or create an account on your platform.

A verification challenge as old as time

For the last 20+ years, many online platforms have used onerous CAPTCHA puzzles to differentiate between bots and human users. CAPTCHAs were a key checkpoint to defend against automated bots attacks, such as account takeover, transaction abuse, and scraping. And after 20+ years of evolution, CAPTCHAs must be pretty effective, right? Well…

The truth is, CAPTCHAs haven’t stood the test of time. After the first CAPTCHAs came out (remember those jagged letters and numbers?), bots evolved and were soon able to solve them. So, developers made CAPTCHAs even harder (enter image CAPTCHAs and other more creative puzzles). Rinse and repeat for 20+ years and you end up with CAPTCHAs so difficult that humans get frustrated trying to solve them.

To make matters worse, bots evolved faster than CAPTCHAs could keep up. So we’re left in a less than ideal situation:

  1. CAPTCHAs are getting harder and harder for humans to solve.
  2. Bots continue to solve them, no matter how hard they get.

We’ve learned that that you will never defeat automation by making CAPTCHAs harder to solve

Legacy CAPTCHAs hurt the user experience

It is clear that legacy CAPTCHAs don’t actually stop sophisticated bots. But they do deter some humans.

Legacy CAPTCHAs add friction and frustration to the buyer journey, which may drive user abandonment just at the point that they’re about to make a purchase. Customers who leave the page or fail to solve a CAPTCHA, even if only a subset of users, are still important, especially for large online businesses where a small percentage of abandoned carts represents a large amount of lost revenue.

Solving the CAPTCHA challenge

At HUMAN, we know that legacy CAPTCHAs aren’t working. So, we decided to take a different approach: Human Challenge. Human Challenge is a user-friendly, frictionless CAPTCHA solution, presented as a simple button that users “press and hold.” It’s privacy compliant, accessible, secure, and effective — with industry-leading features to detect even the most stealthy automated captcha solving bots. 


Human Challenge is not a puzzle for users to solve, Rather, it is a mechanism to gather more information about them. When users press and hold the button, HUMAN captures more data behind-the-scenes that allows us to more accurately make the bot or not decision. This dramatically reduces false positives and increases decision precision. 

One example is proof-of-work (PoW), a short puzzle for bots (instead of humans). When users click the Human Challenge button, PoW requires their device to complete a computational task. This is fairly easy for the typical user submitting a single request, but it takes a lot of energy and CPU cycles to perform computations like this at scale (for example, if your device is operating bots attempting thousands of logins per second). This makes it more expensive for cybercriminals to finish their attacks. 

PoW reflects HUMAN’s CAPTCHA philosophy. Instead of challenging real humans to prove they’re not bots, we challenge bots behind-the-scenes, without impacting user experience.

Adding friction is never the answer

Making CAPTCHAs harder and harder destroys your customer experience, without actually deterring sophisticated bots. So, HUMAN went in the opposite direction and made our CAPTCHA as easy as possible. Human Challenge takes a user-centric approach to provide the most frictionless CAPTCHA on the market. 

Human Challenge is offered as part of HUMAN Bot Defender, which accurately validates 99.99% of all human users without the need for further verification. It’s only for that remaining 0.01% of human users that Human Challenge comes into play. 

Human Challenge Abandonment

Human Challenge Solve Times

Although your customers will rarely encounter Human Challenge, when they do, there will only be minimal disruption. Among users who do see Human Challenge, abandonment rate is 3 to 5 times lower than Google reCAPTCHA. Bots, on the other hand, ignore the button and go no further, or press and hold to allow HUMAN to gather additional signals and block their path immediately. Whatever the response, Human Challenge provides additional intelligence that strengthens your protection against automated cyberattacks across the web.