Open in app

Sign in

Write

Sign in

This is how the reCAPTCHA protects payment transactions

Pranjal Ruhela
2 min readJun 8, 2023

--

ReCAPTCHA Enterprise is an advanced fraud prevention system developed by Google, to protect websites and online services from fraudulent activities. By leveraging machine learning and behavioural analysis, it distinguishes between humans and bots, reducing the risk of account takeover, fake account creation, and other forms of online fraud. It offers enhanced security while providing a streamlined user experience, minimizing disruption for legitimate users. It helps safeguard online platforms, protect user data, and maintain the integrity of online interactions. More than 6 million sites are leveraging this mechanism to avoid being a victim.

reCaptcha has grown 16 years from when the first captcha version got released by Google.

It keeps its radar up for manual attacks that are targeted in nature like fraudulent chargebacks ( Claiming that a transaction was unauthorized or fraudulent when in reality, the customer is intentionally attempting to deceive the bank or credit card company to obtain a refund they are not entitled to) and also keeps guard against scaled fraud attempts like card testing (stolen or compromised credit card information is used to make small transactions or test the validity of the card. The purpose of card testing is to determine if a stolen credit card is still active and can be used for larger fraudulent transactions without raising suspicion).

The reCAPCTHA system uses supervised and unsupervised learning to build trust while looking for behavioural signals that imply whether an activity is legit or a fraud. This tool can be used on several pages of your website like — the checkout page, the payment gateway, processor pages etc…

Its integration is fairly simple and also beneficial if you already have a fraud prevention codebase for your website with parameters set for your business requirements. Both can work in tandem for the best results in protection. Just include the <script> tag and add the necessary attributes within the HTML of the site.

How it works??

  • A risk score is published that can tell if the suspected behaviour on the website can be requested based on which it can be decided whether the activity is fraud.
  • It continuously keeps improving as most models do with feedback data.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Security
Payments
Fraud
Fraud Prevention
Machine Learning

--

--

Pranjal Ruhela
Pranjal Ruhela

Written by Pranjal Ruhela

159 Followers
55 Following

Being a smarter developer

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams