{"id":3647,"date":"2026-04-10T07:36:31","date_gmt":"2026-04-10T07:36:31","guid":{"rendered":"https:\/\/www.captcha.eu\/?p=3647"},"modified":"2026-04-10T07:43:25","modified_gmt":"2026-04-10T07:43:25","slug":"wat-is-onzichtbare-captcha","status":"publish","type":"post","link":"https:\/\/www.captcha.eu\/nl\/wat-is-onzichtbare-captcha\/","title":{"rendered":"Wat is onzichtbare CAPTCHA? Hoe het werkt en waarom het belangrijk is"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large is-resized\"><img data-dominant-color=\"d3e2ef\" data-has-transparency=\"false\" loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" src=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-1024x576.jpg\" alt=\"Illustration of an invisible CAPTCHA system showing a website form, a ghost symbolizing hidden verification, and a dashboard labeled \u201cProof of Work\u201d confirming \u201cUser Verified\u201d through automated background checks.\" class=\"wp-image-3654 not-transparent\" style=\"--dominant-color: #d3e2ef; width:1200px;height:auto\" srcset=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-1024x576.jpg 1024w, https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-300x169.jpg 300w, https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-768x432.jpg 768w, https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-1536x864.jpg 1536w, https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-18x10.jpg 18w, https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg 1920w\" \/><figcaption class=\"wp-element-caption\">captcha.eu<\/figcaption><\/figure>\n\n\n\n<p>Invisible CAPTCHA aims to verify users in the background with little or no visible interaction: no puzzles, no checkboxes, no friction for most users. But &#8220;invisible&#8221; covers two fundamentally different technical approaches, and some implementations still step up to visible challenges for traffic they cannot classify. Understanding the difference helps you choose the right solution and avoid the hidden compliance and accessibility costs of the wrong one.<\/p>\n\n\n\n<p class=\"wp-block-yoast-seo-estimated-reading-time yoast-reading-time__wrapper\"><span class=\"yoast-reading-time__icon\"><svg aria-hidden=\"true\" focusable=\"false\" data-icon=\"clock\" width=\"20\" height=\"20\" fill=\"none\" stroke=\"currentColor\" style=\"display:inline-block;vertical-align:-0.1em\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 24 24\"><path stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"M12 8v4l3 3m6-3a9 9 0 11-18 0 9 9 0 0118 0z\"><\/path><\/svg><\/span><span class=\"yoast-reading-time__spacer\" style=\"display:inline-block;width:1em\"><\/span><span class=\"yoast-reading-time__descriptive-text\">Estimated reading time: <\/span><span class=\"yoast-reading-time__reading-time\">1<\/span><span class=\"yoast-reading-time__time-unit\"> minute<\/span><\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link has-input-field-color has-primary-background-color has-text-color has-background has-link-color has-border-color has-border-border-color wp-element-button\" href=\"https:\/\/www.captcha.eu\/login\" style=\"border-width:1px\">Try CAPTCHA.eu free &#8211; no credit card<\/a><\/div>\n\n\n\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link has-sky-blue-color has-background-background-color has-text-color has-background has-link-color has-border-color has-border-border-color wp-element-button\" href=\"https:\/\/docs.captcha.eu\/\" style=\"border-width:1px\">View all integrations<\/a><\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-medium-font-size wp-elements-7689e4fadbe20407810c2578730084d5\" id=\"h-at-a-glance\" style=\"color:#2b7ca4\">At a Glance<\/h2>\n\n\n\n<div class=\"wp-block-premium-container premium-container-6b0f48600725  alignfull premium-is-root-container\"><div class=\"premium-container-inner-blocks-wrap\">\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-vk5ml\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-vk5ml \"><div class=\"eb-infobox-vk5ml eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\"><strong><strong><strong>What it is<\/strong><\/strong><\/strong><\/h3><p class=\"description\">Verification that runs automatically in the background with little or no visible interaction: no puzzles or checkboxes for most users, while bots are stopped.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-u178n\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-u178n \"><div class=\"eb-infobox-u178n eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\"><strong><strong><strong><strong>Two very different approaches<\/strong><\/strong><\/strong><\/strong><\/h3><p class=\"description\">Behavioral tracking (surveillance-based) vs. proof-of-work (computation-based). Same outcome for users, but completely different data collection, cookie, and GDPR implications.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-gu5or\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-gu5or \"><div class=\"eb-infobox-gu5or eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\"><strong><strong><strong>Why the choice matters<\/strong><\/strong><\/strong><\/h3><p class=\"description\">Behavioral systems often require cookies and a consent banner. Proof-of-work systems need neither. And Stanford research found traditional CAPTCHA reduces form conversions by up to 40%; invisible CAPTCHA can materially reduce or eliminate that drop-off.<\/p><\/div><\/div><\/div><\/div><\/div>\n<\/div><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n<div class=\"root-eb-toc-mvnk2 wp-block-essential-blocks-table-of-contents\"><div class=\"eb-parent-wrapper eb-parent-eb-toc-mvnk2 \"><div class=\"eb-toc-container eb-toc-mvnk2  eb-toc-is-not-sticky eb-toc-collapsible eb-toc-initially-not-collapsed eb-toc-scrollToTop style-1 list-style-none\" data-scroll-top=\"false\" data-scroll-top-icon=\"fas fa-angle-up\" data-collapsible=\"true\" data-sticky-hide-mobile=\"false\" data-sticky=\"false\" data-scroll-target=\"scroll_to_toc\" data-copy-link=\"false\" data-editor-type=\"\" data-hide-desktop=\"false\" data-hide-tab=\"false\" data-hide-mobile=\"false\" data-itemCollapsed=\"false\" data-highlight-scroll=\"false\"><div class=\"eb-toc-header\"><h2 class=\"eb-toc-title\">What this guide covers<\/h2><\/div><div class=\"eb-toc-wrapper \" data-headers=\"[{&quot;level&quot;:2,&quot;content&quot;:&quot;At a Glance&quot;,&quot;text&quot;:&quot;At a Glance&quot;,&quot;link&quot;:&quot;at-a-glance&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Why visible CAPTCHA became a problem&quot;,&quot;text&quot;:&quot;Why visible CAPTCHA became a problem&quot;,&quot;link&quot;:&quot;why-visible-captcha-became-a-problem&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;What invisible CAPTCHA actually means&quot;,&quot;text&quot;:&quot;What invisible CAPTCHA actually means&quot;,&quot;link&quot;:&quot;what-invisible-captcha-actually-means&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;The two types of invisible CAPTCHA: why the difference matters&quot;,&quot;text&quot;:&quot;The two types of invisible CAPTCHA: why the difference matters&quot;,&quot;link&quot;:&quot;the-two-types-of-invisible-captcha-why-the-difference-matters&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Invisible CAPTCHA and accessibility&quot;,&quot;text&quot;:&quot;Invisible CAPTCHA and accessibility&quot;,&quot;link&quot;:&quot;invisible-captcha-and-accessibility&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Invisible CAPTCHA and conversion rates&quot;,&quot;text&quot;:&quot;Invisible CAPTCHA and conversion rates&quot;,&quot;link&quot;:&quot;invisible-captcha-and-conversion-rates&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Which flows benefit most from invisible CAPTCHA&quot;,&quot;text&quot;:&quot;Which flows benefit most from invisible CAPTCHA&quot;,&quot;link&quot;:&quot;which-flows-benefit-most-from-invisible-captcha&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;The EU dimension: GDPR, ePrivacy, and the cookie question&quot;,&quot;text&quot;:&quot;The EU dimension: GDPR, ePrivacy, and the cookie question&quot;,&quot;link&quot;:&quot;the-eu-dimension-gdpr-eprivacy-and-the-cookie-question&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;How to evaluate an invisible CAPTCHA for your website&quot;,&quot;text&quot;:&quot;How to evaluate an invisible CAPTCHA for your website&quot;,&quot;link&quot;:&quot;how-to-evaluate-an-invisible-captcha-for-your-website&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Frequently Asked Questions&quot;,&quot;text&quot;:&quot;Frequently Asked Questions&quot;,&quot;link&quot;:&quot;frequently-asked-questions&quot;},{&quot;level&quot;:2,&quot;content&quot;:&quot;Related reading&quot;,&quot;text&quot;:&quot;Related reading&quot;,&quot;link&quot;:&quot;related-reading&quot;}]\" data-visible=\"[true,true,false,false,false,false]\" data-delete-headers=\"[{&quot;label&quot;:&quot;At a Glance&quot;,&quot;value&quot;:&quot;at-a-glance&quot;,&quot;isDelete&quot;:true},{&quot;label&quot;:&quot;Why visible CAPTCHA became a problem&quot;,&quot;value&quot;:&quot;why-visible-captcha-became-a-problem&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;What invisible CAPTCHA actually means&quot;,&quot;value&quot;:&quot;what-invisible-captcha-actually-means&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;The two types of invisible CAPTCHA: why the difference matters&quot;,&quot;value&quot;:&quot;the-two-types-of-invisible-captcha-why-the-difference-matters&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;Invisible CAPTCHA and accessibility&quot;,&quot;value&quot;:&quot;invisible-captcha-and-accessibility&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;Invisible CAPTCHA and conversion rates&quot;,&quot;value&quot;:&quot;invisible-captcha-and-conversion-rates&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;Which flows benefit most from invisible CAPTCHA&quot;,&quot;value&quot;:&quot;which-flows-benefit-most-from-invisible-captcha&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;The EU dimension: GDPR, ePrivacy, and the cookie question&quot;,&quot;value&quot;:&quot;the-eu-dimension-gdpr-eprivacy-and-the-cookie-question&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;How to evaluate an invisible CAPTCHA for your website&quot;,&quot;value&quot;:&quot;how-to-evaluate-an-invisible-captcha-for-your-website&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;Frequently Asked Questions&quot;,&quot;value&quot;:&quot;frequently-asked-questions&quot;,&quot;isDelete&quot;:false},{&quot;label&quot;:&quot;Related reading&quot;,&quot;value&quot;:&quot;related-reading&quot;,&quot;isDelete&quot;:true}]\" data-smooth=\"true\" data-top-offset=\"\"><div class=\"eb-toc__list-wrap\"><ul class='eb-toc__list'><li><a href=\"#why-visible-captcha-became-a-problem\">Why visible CAPTCHA became a problem<\/a><li><a href=\"#what-invisible-captcha-actually-means\">What invisible CAPTCHA actually means<\/a><li><a href=\"#the-two-types-of-invisible-captcha-why-the-difference-matters\">The two types of invisible CAPTCHA: why the difference matters<\/a><li><a href=\"#invisible-captcha-and-accessibility\">Invisible CAPTCHA and accessibility<\/a><li><a href=\"#invisible-captcha-and-conversion-rates\">Invisible CAPTCHA and conversion rates<\/a><li><a href=\"#which-flows-benefit-most-from-invisible-captcha\">Which flows benefit most from invisible CAPTCHA<\/a><li><a href=\"#the-eu-dimension-gdpr-eprivacy-and-the-cookie-question\">The EU dimension: GDPR, ePrivacy, and the cookie question<\/a><li><a href=\"#how-to-evaluate-an-invisible-captcha-for-your-website\">How to evaluate an invisible CAPTCHA for your website<\/a><li><a href=\"#frequently-asked-questions\">Frequently Asked Questions<\/a><\/ul><\/div><\/div><\/div><\/div><\/div>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-f5d3637e81b2236e56370fa631a3413b\" id=\"h-why-visible-captcha-became-a-problem\" style=\"color:#2b7ca4\">Why visible CAPTCHA became a problem<\/h2>\n\n\n\n<p>Traditional CAPTCHA made a reasonable assumption: show users something a computer cannot easily solve (a distorted word, a grid of traffic lights, a simple checkbox), and the ones who pass are probably human. For a while, that worked. Then two things changed simultaneously.<\/p>\n\n\n\n<p>First, AI-powered solving tools became capable of defeating most visual challenges faster and more accurately than humans. AI-powered solving tools and CAPTCHA-solving services have significantly weakened the security value of visual CAPTCHA challenges; automated solvers now handle many common formats with high accuracy. CAPTCHA farms, services that route challenges to human workers in real time, handle everything else. The security argument for visual CAPTCHA weakened significantly.<\/p>\n\n\n\n<p>Second, the cost to legitimate users became harder to justify. A Stanford University study found that traditional CAPTCHA reduces form conversions by up to 40%. Users with visual impairments, motor disabilities, or cognitive differences face challenges that are not just inconvenient but genuinely unusable. The W3C&#8217;s own documentation on CAPTCHA accessibility concludes that interactive challenges create fundamental accessibility barriers that alternatives and workarounds do not fully resolve.<\/p>\n\n\n\n<p>Those two pressures together, declining security effectiveness and rising user cost, drove the market toward invisible verification. The question is what invisible actually means in practice, because the answer differs significantly across implementations.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-02c72bb7f7acf6d6a86fa1301d6c63ed\" id=\"h-what-invisible-captcha-actually-means\" style=\"color:#2b7ca4\">What invisible CAPTCHA actually means<\/h2>\n\n\n\n<p>An invisible CAPTCHA verifies users without asking them to do anything. There is no checkbox to click, no image to interpret, no text to type. Verification runs automatically in the background while the user fills in a form, loads a page, or navigates a protected endpoint. By the time they press submit, the check is already done.<\/p>\n\n\n\n<p>From the user&#8217;s perspective, the experience is identical whether they are verified immediately or whether a more intensive check runs, because they never see either. That is the user experience benefit: zero friction for real users, zero abandonment caused by a security step they did not even notice.<\/p>\n\n\n\n<p>From a technical perspective, however, invisible does not describe a single method. It describes an outcome (no visible interaction) that two very different architectures achieve in very different ways. One watches what users do. The other makes a user&#8217;s computer do background work. Both produce the same frictionless result, but the underlying mechanics, the data they collect, and the compliance obligations they create are completely different.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-bf94cb6717598a4b6b720d51e05581f2\" id=\"h-the-two-types-of-invisible-captcha-why-the-difference-matters\" style=\"color:#2b7ca4\">The two types of invisible CAPTCHA: why the difference matters<\/h2>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-1ofse\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-1ofse \"><div class=\"eb-infobox-1ofse eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\">The distinction most articles miss<\/h3><p class=\"description\">Invisible CAPTCHA sounds like one thing but covers two entirely different architectures. One watches what you do. The other makes your browser do a small amount of computational work. That difference determines your privacy exposure, your GDPR compliance position, whether you need a cookie consent banner, and whether users with disabilities ever encounter a challenge. The outcome for most users looks the same. Everything underneath is different.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-type-1-behavioral-surveillance-based\">Type 1: Behavioral (surveillance-based)<\/h3>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-751ox\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-751ox \"><div class=\"eb-infobox-751ox eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\">Type 1: Behavioral &#8211; Examples: reCAPTCHA v3, hCaptcha invisible mode, Cloudflare Turnstile (partly)<\/h3><p class=\"description\">These systems observe what users do and collect signals: mouse movement patterns, typing cadence, scrolling behavior, browser fingerprint, IP reputation, and sometimes cross-site history. These run through a risk model and return a score. The site operator decides what to do with the score: allow the user, block them, or present a challenge.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<p>Behavioral systems are highly effective at distinguishing typical human interaction patterns from bot traffic. When abundant behavioral signals are available, they work well. The privacy and compliance implications, however, are significant:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Collecting behavioral data, including mouse movements, typing patterns, and device characteristics, constitutes personal data processing under GDPR in most interpretations, requiring a lawful basis and documentation.<\/li>\n\n\n\n<li>Many behavioral systems set cookies. Google confirms that the&nbsp;<code>_grecaptcha<\/code>&nbsp;cookie remains after the April 2026 reCAPTCHA processor change. That cookie requires assessment under national ePrivacy rules, separate from GDPR analysis. In many EU jurisdictions, non-essential cookies require explicit consent regardless of the GDPR lawful basis for the underlying processing.<\/li>\n\n\n\n<li>When behavioral signals are limited (because a user employs a VPN, privacy browser, or ad blocker, or because assistive technology creates atypical interaction patterns), the risk score rises and the system may present a visible challenge. These users are disproportionately likely to be legitimate users with privacy preferences or accessibility needs. Invisibility is not guaranteed for everyone.<\/li>\n<\/ul>\n\n\n\n<p>Invisible does not mean cookieless. A CAPTCHA that is invisible to users can still set tracking cookies, collect behavioral data, and trigger consent requirements under the ePrivacy Directive. Invisibility describes the user experience, not the data architecture. For European website operators, those are two separate compliance questions that require separate analysis.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-type-2-proof-of-work-computation-based\">Type 2: Proof-of-work (computation-based)<\/h3>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-3do8z\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-3do8z \"><div class=\"eb-infobox-3do8z eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\">Type 2: Proof-of-work &#8211; Examples: CAPTCHA.eu, Friendly Captcha, ALTCHA<\/h3><p class=\"description\">These systems ask the user&#8217;s browser to solve a small cryptographic puzzle in the background. The browser performs a computation, generates a verifiable proof, and submits it with the form. Proof-of-work is the security foundation: no cookies, no persistent user profiles, no cross-site tracking. Many modern implementations also layer in contextual signals (request timing, environment characteristics) to scale puzzle difficulty adaptively, without profiling individual users.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<p>For a legitimate user, this computation completes invisibly while they fill in the form, typically in well under a second. For a bot attempting thousands of requests per minute, every single attempt requires solving that computational puzzle. The cost of the attack scales linearly with volume, making large-scale automated attacks economically impractical rather than merely inconvenient.<\/p>\n\n\n\n<p>This is the key structural difference between proof-of-work and behavioral approaches. Behavioral systems raise an alarm when they detect suspicious patterns. Proof-of-work systems raise the cost of every attempt, suspicious or not. Rate limiting says &#8220;you may only try X times per minute.&#8221; Proof-of-work says &#8220;each attempt costs computation.&#8221; A distributed attacker can evade rate limits by spreading requests across thousands of IPs. They cannot evade proof-of-work without solving the puzzle every time.<\/p>\n\n\n\n<p>The strongest proof-of-work implementations combine PoW with contextual signal analysis, looking at request patterns, timing, and environmental characteristics, to scale puzzle difficulty based on risk without profiling individual users. CAPTCHA.eu uses this layered approach: cryptographic proof-of-work forms the security foundation, and contextual signals inform how demanding that puzzle is for any given request. The result is more adaptive security than pure PoW alone, with the same privacy-first architecture: no cookies, no cross-site tracking, no individual user profiles built or stored.<\/p>\n\n\n\n<p>Friendly Captcha takes a similar layered approach, combining PoW with what they describe as a &#8220;global risk database&#8221;: a shared pool of threat intelligence across their customer base. That shared-database model is effective but introduces a cross-customer data aggregation layer. CAPTCHA.eu&#8217;s signal analysis operates per-request without aggregating data across sites or customers, which is a meaningful distinction for organisations with strict data minimisation requirements.<\/p>\n\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-wn97p\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-wn97p \"><div class=\"eb-infobox-wn97p eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\">Why proof-of-work is genuinely cookieless, even with signal analysis<\/h3><p class=\"description\">Unlike behavioral systems that rely on cookies for cross-session identification, proof-of-work CAPTCHA does not need cookies to function. Verification relies on the cryptographic proof. Contextual signals (timing, environment) that modern implementations use to scale puzzle difficulty are evaluated per-request and do not require persistent browser storage or cross-session tracking. No cookies are set by the CAPTCHA layer, which removes the technical basis for a cookie consent requirement under ePrivacy in most EU jurisdictions. No consent management overhead is introduced when you add it to a login or registration flow.<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-behavioral-vs-proof-of-work-at-a-glance\">Behavioral vs. proof-of-work at a glance<\/h3>\n\n\n\n<p>The comparison between the two approaches is clearest in a table:<\/p>\n\n\n\n<figure class=\"wp-block-riovizual-tablebuilder is-style-regular rv_tb-e6037535-33ba-4ddd-9be6-14417a6b5d39 is-scroll-on-mobile\" rv-tb-responsive-breakpoint=\"768px\"><table class=\"\"><thead><tr><th class=\"rv_tb-cell rv_tb-row-0-cell-0 rv_tb-rs-row-0-cell-0 rv_tb-cs-row-0-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">CHARACTERISTICS<\/div><\/div><\/div><\/th><th class=\"rv_tb-cell rv_tb-row-0-cell-1 rv_tb-rs-row-0-cell-1 rv_tb-cs-row-0-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">BEHAVIORAL (RECAPTCHA V3, HCAPTCHA)<\/div><\/div><\/div><\/th><th class=\"rv_tb-cell rv_tb-row-0-cell-2 rv_tb-rs-row-0-cell-2 rv_tb-cs-row-0-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">PROOF-OF-WORK (CAPTCHA.EU, FRIENDLY CAPTCHA)<\/div><\/div><\/div><\/th><\/tr><\/thead><tbody><tr><td class=\"rv_tb-cell rv_tb-row-1-cell-0 rv_tb-rs-row-1-cell-0 rv_tb-cs-row-1-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>User interaction required<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-1-cell-1 rv_tb-rs-row-1-cell-1 rv_tb-cs-row-1-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Never (unless flagged)<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-1-cell-2 rv_tb-rs-row-1-cell-2 rv_tb-cs-row-1-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Never<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-2-cell-0 rv_tb-rs-row-2-cell-0 rv_tb-cs-row-2-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>Data collected<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-2-cell-1 rv_tb-rs-row-2-cell-1 rv_tb-cs-row-2-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Behavioral signals, device fingerprint, potentially cross-site history<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-2-cell-2 rv_tb-rs-row-2-cell-2 rv_tb-cs-row-2-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Cryptographic proof-of-work plus contextual signal analysis; no cookies, no individual user profiles, no cross-site tracking<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-3-cell-0 rv_tb-rs-row-3-cell-0 rv_tb-cs-row-3-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>Cookies set<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-3-cell-1 rv_tb-rs-row-3-cell-1 rv_tb-cs-row-3-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Yes (e.g.\u00a0_grecaptcha persists after April 2026)<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-3-cell-2 rv_tb-rs-row-3-cell-2 rv_tb-cs-row-3-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">No<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-4-cell-0 rv_tb-rs-row-4-cell-0 rv_tb-cs-row-4-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>ePrivacy consent likely needed<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-4-cell-1 rv_tb-rs-row-4-cell-1 rv_tb-cs-row-4-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Yes, in most EU jurisdictions<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-4-cell-2 rv_tb-rs-row-4-cell-2 rv_tb-cs-row-4-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">No<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-5-cell-0 rv_tb-rs-row-5-cell-0 rv_tb-cs-row-5-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>Falls back to visible challenge<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-5-cell-1 rv_tb-rs-row-5-cell-1 rv_tb-cs-row-5-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Yes, for users flagged as suspicious<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-5-cell-2 rv_tb-rs-row-5-cell-2 rv_tb-cs-row-5-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">In most implementations: difficulty adjusts invisibly with no visual challenge. Some PoW products also offer optional step-up verification for higher-risk cases.<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-6-cell-0 rv_tb-rs-row-6-cell-0 rv_tb-cs-row-6-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong><strong>Security mechanism<\/strong><\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-6-cell-1 rv_tb-rs-row-6-cell-1 rv_tb-cs-row-6-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Risk scoring based on behavioral surveillance<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-6-cell-2 rv_tb-rs-row-6-cell-2 rv_tb-cs-row-6-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">Computational cost per request; scales with attack volume<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-7-cell-0 rv_tb-rs-row-7-cell-0 rv_tb-cs-row-7-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong>Accessibility impact<\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-7-cell-1 rv_tb-rs-row-7-cell-1 rv_tb-cs-row-7-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">AT users may trigger false positives and receive visible challenges<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-7-cell-2 rv_tb-rs-row-7-cell-2 rv_tb-cs-row-7-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">In challenge-free implementations, fully accessible by architecture. Some PoW products also offer optional step-up verification for higher-risk cases.<\/div><\/div><\/div><\/td><\/tr><tr><td class=\"rv_tb-cell rv_tb-row-8-cell-0 rv_tb-rs-row-8-cell-0 rv_tb-cs-row-8-cell-0\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\"><strong>EU data hosting<\/strong><\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-8-cell-1 rv_tb-rs-row-8-cell-1 rv_tb-cs-row-8-cell-1\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">US-based (Google, Cloudflare) unless EU endpoint selected<\/div><\/div><\/div><\/td><td class=\"rv_tb-cell rv_tb-row-8-cell-2 rv_tb-rs-row-8-cell-2 rv_tb-cs-row-8-cell-2\"><div class=\"rv_tb-element\"><div class=\"rv_tb-text-wrap rv_justify cell-element-0\"><div class=\"rv_tb-text\">CAPTCHA.eu: Austria; Friendly Captcha: Germany<\/div><\/div><\/div><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<div class=\"wp-block-group has-vivid-cyan-blue-background-color has-background is-content-justification-center is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:2rem;padding-bottom:2rem\">\n<h3 class=\"wp-block-heading has-text-align-center has-background-color has-text-color has-large-font-size\" id=\"h-captcha-eu-proof-of-work-invisible-captcha-austria-hosted\">CAPTCHA.eu: proof-of-work invisible CAPTCHA, Austria-hosted<\/h3>\n\n\n\n<p class=\"has-text-align-center has-background-color has-text-color\">No image puzzles. No cookies. No behavioral profiling. All data processed in Austria under EU law. Independently certified by T\u00dcV Austria against WCAG 2.2 AA. 100 free verifications to start.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-de3b580a wp-block-buttons-is-layout-flex\" style=\"margin-top:3rem\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-body-text-color has-background-background-color has-text-color has-background wp-element-button\" href=\"https:\/\/www.captcha.eu\/login\">Start free trial<\/a><\/div>\n\n\n\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background-color has-text-color wp-element-button\" href=\"https:\/\/docs.captcha.eu\/\">See all integrations<\/a><\/div>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-3678e3f969d6ae218d89c94911fe9d14\" id=\"h-invisible-captcha-and-accessibility\" style=\"color:#2b7ca4\">Invisible CAPTCHA and accessibility<\/h2>\n\n\n\n<p>Accessibility is where the two approaches diverge most visibly in practice. For most users, both look identical: nothing happens. For users who rely on assistive technologies, the difference matters.<\/p>\n\n\n\n<p>Behavioral CAPTCHA systems determine risk based on interaction patterns. Users who navigate with keyboard-only input, screen readers, switch access devices, or other assistive technologies produce interaction patterns that differ from typical mouse-and-keyboard users. These atypical patterns can trigger elevated risk scores, causing the system to fall back to a visible challenge. The user who most needs frictionless access is the one most likely to receive friction.<\/p>\n\n\n\n<p>The W3C&#8217;s Inaccessibility of CAPTCHA note documents this tension directly: &#8220;the very nature of the interactive task inherently excludes many people with disabilities.&#8221; WCAG 2.2&#8217;s Success Criterion 3.3.8 (Accessible Authentication, Level AA) goes further, prohibiting cognitive function tests in authentication flows. This criterion became legally binding under the European Accessibility Act for businesses serving EU customers from June 2025.<\/p>\n\n\n\n<p>Proof-of-work CAPTCHA sidesteps this entirely. There is no challenge to trigger, no pattern to misread, no fallback that excludes anyone. The cryptographic computation runs the same way regardless of how the user navigates, what device they use, or what assistive technology is active. There is no accessible alternative to provide because no challenge is presented to begin with.<\/p>\n\n\n\n<p>CAPTCHA.eu holds independent WCAG 2.2 AA certification from T\u00dcV Austria, verified against the full accessibility standard. That certification covers the verification flow itself, not just the surrounding interface.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-0b155f6c29c77a132de3253f04bbb352\" id=\"h-invisible-captcha-and-conversion-rates\" style=\"color:#2b7ca4\">Invisible CAPTCHA and conversion rates<\/h2>\n\n\n\n<p>The business case for invisible CAPTCHA is straightforward: verification that users never notice cannot cause them to abandon a form. Traditional CAPTCHA creates a distinct step in a flow that previously had none. Some users abandon at that step. Invisible CAPTCHA removes or significantly reduces that friction.<\/p>\n\n\n\n<p>Stanford University research quantified the friction: traditional CAPTCHA challenges reduce form conversions by up to 40%. Research from HUMAN Security found that 40% of real shoppers had abandoned a purchase specifically because of CAPTCHA friction. These numbers reflect a specific type of high-intent user: someone who wanted to complete the action but stopped because of the security check.<\/p>\n\n\n\n<p>The flows where this matters most are exactly the flows most likely to carry CAPTCHA: login, registration, checkout, contact forms, and password reset. These are the highest-value interactions on most websites. Invisible CAPTCHA protects them without becoming a source of drop-off within them.<\/p>\n\n\n\n<p>Proof-of-work can add a secondary conversion benefit because challenge-free implementations do not step up to visible puzzles when signals are limited or ambiguous. Behavioral systems that show challenges to &#8220;suspicious&#8221; users also show challenges to privacy-conscious users, VPN users, and assistive technology users, groups that behavioral scoring tends to misclassify. Proof-of-work treats all of these users identically: invisible verification, no challenge, zero friction.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-ae6c92c94481dff0f034d7ad0abe9231\" id=\"h-which-flows-benefit-most-from-invisible-captcha\" style=\"color:#2b7ca4\">Which flows benefit most from invisible CAPTCHA<\/h2>\n\n\n\n<p>Invisible CAPTCHA improves security and user experience on any flow where bot traffic creates a problem. Prioritise these endpoints first:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Login forms.<\/strong>&nbsp;The primary target for credential stuffing and brute force attacks. Invisible CAPTCHA raises the computational cost of every login attempt, making large-scale automated attacks impractical without any impact on legitimate users.<\/li>\n\n\n\n<li><strong>Registration and account creation.<\/strong>&nbsp;Bots create fake accounts for fraud, spam, and promotional abuse. Invisible CAPTCHA at registration blocks bulk fake account creation before it reaches your database.<\/li>\n\n\n\n<li><strong>Password reset flows.<\/strong>&nbsp;Attackers use reset flows to enumerate valid accounts or initiate account takeover. Protecting the reset endpoint with invisible CAPTCHA adds a layer without adding friction at an already frustrating moment for legitimate users.<\/li>\n\n\n\n<li><strong>Contact and lead forms.<\/strong>&nbsp;Form spam drives operational cost: it fills CRM systems with junk data and wastes team time. Invisible CAPTCHA reduces spam submissions without affecting genuine enquiries.<\/li>\n\n\n\n<li><strong>Checkout and payment flows.<\/strong>&nbsp;Carding attacks test stolen card numbers at scale against checkout endpoints. Invisible CAPTCHA raises the cost of each test attempt and protects revenue without slowing legitimate customers.<\/li>\n\n\n\n<li><strong>API authentication endpoints.<\/strong>&nbsp;Often overlooked because they lack a visual interface, API endpoints are frequent targets for automated abuse. Invisible CAPTCHA integrates at the API layer without changing the developer experience for legitimate callers.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-0299eea9916514b587bb486a85d5b147\" id=\"h-the-eu-dimension-gdpr-eprivacy-and-the-cookie-question\" style=\"color:#2b7ca4\">The EU dimension: GDPR, ePrivacy, and the cookie question<\/h2>\n\n\n\n<p>European website operators face a specific compliance question that most invisible CAPTCHA articles do not address directly: even if a CAPTCHA is invisible to users, does it create cookie or data processing obligations that require a consent banner?<\/p>\n\n\n\n<p>The answer depends on the type of invisible CAPTCHA you use, and it is not the same answer for both types.<\/p>\n\n\n\n<p>For behavioral invisible CAPTCHA, the answer is often yes. Google confirms in its own April 2026 FAQ that the\u00a0<code>_grecaptcha<\/code>\u00a0cookie persists unchanged after the reCAPTCHA controller-to-processor switch. That cookie requires assessment under national ePrivacy rules, a separate analysis from GDPR. In most EU member states, non-essential cookies require opt-in consent before they are set. Whether the\u00a0_grecaptcha cookie qualifies as essential for security purposes is a legal question that depends on implementation and jurisdiction, and regulators in France (CNIL) and Austria have found that reCAPTCHA deployments without proper consent frameworks were non-compliant. The practical result: behavioral invisible CAPTCHA frequently requires a cookie banner update and potentially a consent flow that the word &#8220;invisible&#8221; might lead you to believe you had avoided.<\/p>\n\n\n\n<p>For proof-of-work invisible CAPTCHA, the answer is no for the CAPTCHA layer itself. No cookies are set, no persistent browser storage is used, and no behavioral personal data is collected or transmitted by the CAPTCHA mechanism. For cookieless proof-of-work CAPTCHA, the CAPTCHA layer typically removes the cookie-consent question and materially reduces compliance overhead. Operators should still document the service accurately in their privacy notice and vendor-review materials. CAPTCHA.eu processes all data in Austria under EU jurisdiction, with a standard DPA available. All processing takes place within EU jurisdiction.<\/p>\n\n\n\n<p>For website operators who have already invested in consent management infrastructure, this may seem like a smaller distinction. For operators trying to minimise compliance overhead on login and authentication flows, where asking for cookie consent before logging in creates its own usability problems, it is a significant practical difference.<\/p>\n\n\n\n<p>The analysis above describes the general technical and legal framework. Specific compliance obligations depend on your implementation, applicable national law, and the advice of your legal counsel. For more detail on how the April 2026 reCAPTCHA changes affect GDPR compliance specifically, see our analysis:&nbsp;<a href=\"https:\/\/www.captcha.eu\/is-google-recaptcha-gdpr-compliant-in-2026\/\">Is reCAPTCHA GDPR-Compliant in 2026?<\/a><\/p>\n\n\n\n<div class=\"wp-block-group has-vivid-cyan-blue-background-color has-background is-content-justification-center is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:2rem;padding-bottom:2rem\">\n<h3 class=\"wp-block-heading has-text-align-center has-background-color has-text-color has-large-font-size\" id=\"h-add-invisible-cookieless-captcha-to-your-login-flow-today\">Add invisible, cookieless CAPTCHA to your login flow today<\/h3>\n\n\n\n<p class=\"has-text-align-center has-background-color has-text-color\">CAPTCHA.eu integrates in minutes with WordPress, TYPO3, Keycloak, Magento, and custom stacks. Austria-hosted, no cookies, no puzzles, no compliance overhead.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-de3b580a wp-block-buttons-is-layout-flex\" style=\"margin-top:3rem\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-body-text-color has-background-background-color has-text-color has-background wp-element-button\" href=\"https:\/\/www.captcha.eu\/login\">Start free trial<\/a><\/div>\n\n\n\n<div class=\"wp-block-button is-style-outline is-style-outline--2\"><a class=\"wp-block-button__link has-background-color has-text-color wp-element-button\" href=\"https:\/\/www.captcha.eu\/what-is-login-abuse\/\">See how login abuse works<\/a><\/div>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-8d0e59613af76665ec057a080b63af07\" id=\"h-how-to-evaluate-an-invisible-captcha-for-your-website\" style=\"color:#2b7ca4\">How to evaluate an invisible CAPTCHA for your website<\/h2>\n\n\n\n<p>Four questions cut through most of the marketing language around invisible CAPTCHA and get to the operational reality:<\/p>\n\n\n\n<div class=\"wp-block-essential-blocks-feature-list  root-eb-feature-list-izkoq\"><div class=\"eb-parent-wrapper eb-parent-eb-feature-list-izkoq \"><div class=\"eb-feature-list-izkoq eb-feature-list-wrapper eb-icon-position-left eb-tablet-icon-position-left eb-mobile-icon-position-left eb-feature-list-left\"><ul class=\"eb-feature-list-items circle stacked\"><li class=\"eb-feature-list-item\" data-new-tab=\"false\" data-icon-type=\"icon\" data-icon=\"fas fa-check\" data-icon-color=\"\" data-link=\"\"><div class=\"eb-feature-list-icon-box\"><div class=\"eb-feature-list-icon-inner\"><span class=\"eb-feature-list-icon\" style=\"color:\"><i icon=\"fas fa-check\" class=\"fas fa-check \"><\/i><\/span><\/div><\/div><div class=\"eb-feature-list-content-box\"><h3 class=\"eb-feature-list-title\">Does it set cookies or collect personal data?<\/h3><p class=\"eb-feature-list-content\">If yes, you need to assess whether those cookies require ePrivacy consent in your jurisdictions, and whether the underlying processing requires a GDPR lawful basis and privacy notice update. This is not a deal-breaker, but it is overhead that a proof-of-work alternative eliminates entirely.<\/p><\/div><\/li><li class=\"eb-feature-list-item\" data-new-tab=\"false\" data-icon-type=\"icon\" data-icon=\"fas fa-check\" data-icon-color=\"\" data-link=\"\"><div class=\"eb-feature-list-icon-box\"><div class=\"eb-feature-list-icon-inner\"><span class=\"eb-feature-list-icon\" style=\"color:\"><i icon=\"fas fa-check\" class=\"fas fa-check \"><\/i><\/span><\/div><\/div><div class=\"eb-feature-list-content-box\"><h3 class=\"eb-feature-list-title\">Will it ever show a visible challenge to a real user?<\/h3><p class=\"eb-feature-list-content\">Behavioral systems fall back to visible challenges for users they cannot classify confidently. Proof-of-work systems adjust computational difficulty instead, remaining invisible regardless. If your audience includes privacy-tool users, VPN users, or assistive technology users, a behavioral system will challenge some of them.<\/p><\/div><\/li><li class=\"eb-feature-list-item\" data-new-tab=\"false\" data-icon-type=\"icon\" data-icon=\"fas fa-check\" data-icon-color=\"\" data-link=\"\"><div class=\"eb-feature-list-icon-box\"><div class=\"eb-feature-list-icon-inner\"><span class=\"eb-feature-list-icon\" style=\"color:\"><i icon=\"fas fa-check\" class=\"fas fa-check \"><\/i><\/span><\/div><\/div><div class=\"eb-feature-list-content-box\"><h3 class=\"eb-feature-list-title\">Is it independently certified against an accessibility standard?<\/h3><p class=\"eb-feature-list-content\">Self-certification is easy to claim. An independent certification against WCAG 2.2 AA from an accredited body (like T\u00dcV Austria for CAPTCHA.eu) means the accessibility claim has been externally verified.<\/p><\/div><\/li><li class=\"eb-feature-list-item\" data-new-tab=\"false\" data-icon-type=\"icon\" data-icon=\"fas fa-check\" data-icon-color=\"\" data-link=\"\"><div class=\"eb-feature-list-icon-box\"><div class=\"eb-feature-list-icon-inner\"><span class=\"eb-feature-list-icon\" style=\"color:\"><i icon=\"fas fa-check\" class=\"fas fa-check \"><\/i><\/span><\/div><\/div><div class=\"eb-feature-list-content-box\"><h3 class=\"eb-feature-list-title\">Where is data processed?<\/h3><p class=\"eb-feature-list-content\">For European operators, Austria or Germany means EU jurisdiction with no cross-border transfer complexity. US-based providers require active transfer mechanisms (Standard Contractual Clauses or equivalent) that need documentation and periodic review.<\/p><\/div><\/li><\/ul><\/div><\/div><\/div>\n\n\n\n<p>Applying this framework across the main options:<\/p>\n\n\n\n<p><strong>reCAPTCHA v3:<\/strong>\u00a0Behavioral. Sets the\u00a0_grecaptcha cookie (confirmed persistent post-April 2026). Can fall back to visible challenges. No independent accessibility certification for the invisible mode. US-based processing. Requires ongoing compliance management for European deployments.<\/p>\n\n\n\n<p><strong>Cloudflare Turnstile:<\/strong>\u00a0Partly behavioral, partly non-interactive. Sets a\u00a0cf_clearance cookie in some configurations. Generally does not fall back to puzzles for most users but can present challenges under some conditions. Privacy-first positioning but US-based. Better than reCAPTCHA on privacy but not fully cookieless.<\/p>\n\n\n\n<p><strong>CAPTCHA.eu:<\/strong>&nbsp;Proof-of-work combined with contextual signal analysis: no cookies, no individual user profiling, no cross-site data aggregation. Signal analysis scales puzzle difficulty per request without building behavioral profiles. No fallback challenges ever. Independently certified by T\u00dcV Austria against WCAG 2.2 AA. Austria-based, all data processed under EU law. Transparent pricing with a free tier. Built specifically for European compliance requirements.<\/p>\n\n\n\n<p><strong>Friendly Captcha:<\/strong>&nbsp;Proof-of-work combined with risk signals from a global shared threat database across their customer base. No cookies. No fallback challenges. Independently certified against WCAG 2.2 AA. Germany-based. Strong EU compliance position. The shared-database risk model is effective; organisations with strict per-request data minimisation requirements should review it against their own policies. Enterprise pricing at higher tiers.<\/p>\n\n\n\n<p><strong>ALTCHA:<\/strong>&nbsp;Open-source proof-of-work. Self-hosted option provides maximum data sovereignty. No cookies, no third-party data flows. WCAG 2.2 AA compliant. Requires technical resources to host and maintain. Good for teams with zero tolerance for third-party data handling.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-5ce9e574cfb454ba3d1a1aa741d21fde\" id=\"h-frequently-asked-questions\" style=\"color:#2b7ca4\">Frequently Asked Questions<\/h2>\n\n\n\n<div class=\"wp-block-premium-accordion premium-accordion premium-accordion-f14b5a732f13\">\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-28caada56b5c premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">What is invisible CAPTCHA?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">Invisible CAPTCHA is a form of bot protection that verifies users in the background without asking them to solve puzzles, click checkboxes, or interact with any challenge. Verification runs automatically while the user fills in a form or takes an action on the page. From the user&#8217;s perspective, nothing happens. Bots are identified and blocked.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-9b885543a837 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">Is invisible CAPTCHA the same as reCAPTCHA v3?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">No. reCAPTCHA v3 is one example of invisible CAPTCHA, and it uses a behavioral approach: it watches how users interact with the page and assigns a risk score. Proof-of-work invisible CAPTCHA (used by CAPTCHA.eu and Friendly Captcha) works differently: it asks the browser to solve a small cryptographic puzzle in the background. Both produce zero visible interaction for most users, but they differ significantly in data collection, cookies, GDPR implications, and accessibility behavior.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-e9e19ca476c3 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">Does invisible CAPTCHA work without cookies?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">It depends on the implementation. Behavioral invisible CAPTCHA (reCAPTCHA v3, hCaptcha) typically sets cookies. Google confirms the\u00a0_grecaptcha cookie persists after the April 2026 reCAPTCHA changes. Proof-of-work invisible CAPTCHA (CAPTCHA.eu, Friendly Captcha, ALTCHA) does not require cookies. Verification relies on the cryptographic proof, not on cross-session user identification.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-824dc030d004 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">Is invisible CAPTCHA accessible for users with disabilities?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">Challenge-free proof-of-work implementations can be fully accessible by architecture because they do not rely on visual, audio, or cognitive tests. There is nothing to see, hear, click, or solve. Some proof-of-work products additionally offer optional step-up verification for higher-risk cases, but CAPTCHA.eu and similar truly invisible implementations never present a challenge regardless of risk level. Behavioral invisible CAPTCHA can fall back to visible challenges for users who produce atypical interaction patterns, which includes many assistive technology users. WCAG 2.2 Success Criterion 3.3.8 prohibits cognitive function tests in authentication flows, making proof-of-work the more compliant option for login and registration flows.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-87e4609978b3 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">Can bots bypass invisible CAPTCHA?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">Sophisticated, well-resourced attackers can defeat most security controls given enough time and resources. However, proof-of-work CAPTCHA raises the cost of each attempt computationally, which means large-scale automated attacks become economically impractical rather than technically impossible. A bot running credential stuffing at thousands of attempts per minute must now solve a cryptographic puzzle for each one. Behavioral CAPTCHA relies on detecting suspicious patterns, which motivated attackers can learn to mimic. Neither is a perfect solution, which is why CAPTCHA works best as one layer in a defense-in-depth strategy alongside MFA and rate limiting.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-b59c0e1eaebb premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">Does invisible CAPTCHA require a GDPR consent banner?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">For cookieless proof-of-work CAPTCHA, the CAPTCHA layer typically does not create a cookie-consent requirement of its own. No cookies are set and no behavioral personal data is collected by the CAPTCHA mechanism. Operators should still assess their full implementation and local legal requirements. For behavioral invisible CAPTCHA: it depends on your implementation and jurisdiction, but in most EU member states the answer is yes. The persistent cookie and behavioral data collection require both a GDPR lawful basis and an assessment under national ePrivacy rules, which typically requires consent. Choosing proof-of-work eliminates this compliance question entirely.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-ef719ad414b4 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">What is the difference between invisible CAPTCHA and reCAPTCHA v2 Invisible?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">reCAPTCHA v2 Invisible is a specific Google product that still uses the reCAPTCHA v2 challenge mechanism; it just delays showing it until the user triggers a flagged action. When flagged, it presents the familiar image-selection challenge. reCAPTCHA v3 removes that challenge entirely and uses a risk score instead. Modern proof-of-work invisible CAPTCHA goes further: no score-based fallback, no visual challenge, ever, regardless of the risk level assigned to a request.<\/p><\/div><\/div>\n\n\n\n<div class=\"wp-block-premium-accordion-item premium-accordion-item-23d9c61e9e48 premium-accordion__content_wrap\"><div class=\"premium-accordion__title_wrap premium-accordion__ltr premium-accordion__out\"><div class=\"premium-accordion__title\"><h4 class=\"premium-accordion__title_text\">How does proof-of-work CAPTCHA stop bots if there is no challenge?<\/h4><\/div><div class=\"premium-accordion__icon_wrap\"><svg class=\"premium-accordion__icon\" role=\"img\" focusable=\"false\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 20 20\"><polygon points=\"16.7,3.3 10,10 3.3,3.4 0,6.7 10,16.7 10,16.6 20,6.7 \"><\/polygon><\/svg><\/div><\/div><div class=\"premium-accordion__desc_wrap\"><p class=\"premium-accordion__desc\">Proof-of-work raises the computational cost of every request. For a single legitimate user submitting one form, the computation is negligible and completes in the background in milliseconds. For a bot submitting thousands of requests per minute, every single attempt requires solving a cryptographic puzzle. The total computational cost of the attack becomes large enough to make it economically unattractive. Unlike blocking by IP address (which distributed attackers route around), computational cost cannot be avoided: it applies regardless of how many different IPs or devices the attacker uses.<\/p><\/div><\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading has-text-color has-link-color has-large-font-size wp-elements-35238059df35ed9dad481dbef77b1fc7\" id=\"h-related-reading\" style=\"color:#2b7ca4\">Related reading<\/h2>\n\n\n<div class=\"root-eb-post-carousel-2ei7e wp-block-essential-blocks-post-carousel\">\n    <div class=\"eb-parent-wrapper eb-parent-eb-post-carousel-2ei7e \">\n        <div class=\"eb-post-carousel-2ei7e style-2 slick-arrows equal-height dot-style-1 eb-post-carousel-wrapper\"\n            data-id=\"eb-post-carousel-2ei7e\"\n            data-querydata=\"a:13:{s:6:&quot;source&quot;;s:4:&quot;post&quot;;s:11:&quot;sourceIndex&quot;;i:0;s:9:&quot;rest_base&quot;;s:5:&quot;posts&quot;;s:14:&quot;rest_namespace&quot;;s:5:&quot;wp\/v2&quot;;s:6:&quot;author&quot;;s:0:&quot;&quot;;s:10:&quot;taxonomies&quot;;a:0:{}s:8:&quot;per_page&quot;;s:1:&quot;6&quot;;s:6:&quot;offset&quot;;s:1:&quot;0&quot;;s:7:&quot;orderby&quot;;s:4:&quot;date&quot;;s:5:&quot;order&quot;;s:4:&quot;desc&quot;;s:7:&quot;include&quot;;s:319:&quot;[{&quot;value&quot;:3604,&quot;label&quot;:&quot;How to Prevent Brute Force Attacks on Your Website&quot;},{&quot;value&quot;:3326,&quot;label&quot;:&quot;Is Google reCAPTCHA GDPR-Compliant in 2026?&quot;},{&quot;value&quot;:3616,&quot;label&quot;:&quot;How to Prevent Credential Stuffing Attacks on Your Website&quot;},{&quot;value&quot;:3536,&quot;label&quot;:&quot;hCaptcha vs. CAPTCHA.eu: Which Is Better for European Websites?&quot;}]&quot;;s:7:&quot;exclude&quot;;s:0:&quot;&quot;;s:15:&quot;exclude_current&quot;;b:0;}\"\n            data-slidersettings=\"{&quot;arrows&quot;:true,&quot;dots&quot;:true,&quot;autoplaySpeed&quot;:3000,&quot;speed&quot;:500,&quot;adaptiveHeight&quot;:true,&quot;autoplay&quot;:true,&quot;infinite&quot;:true,&quot;pauseOnHover&quot;:true,&quot;slideToShowRange&quot;:3,&quot;leftArrowIcon&quot;:&quot;fas fa-chevron-circle-left&quot;,&quot;rightArrowIcon&quot;:&quot;fas fa-chevron-circle-right&quot;,&quot;addIcon&quot;:false,&quot;showFallbackImg&quot;:false,&quot;fallbackImgUrl&quot;:&quot;&quot;,&quot;TABslideToShowRange&quot;:2,&quot;MOBslideToShowRange&quot;:1}\"\n            data-attributes=\"{&quot;preset&quot;:&quot;style-2&quot;,&quot;showThumbnail&quot;:true,&quot;showTitle&quot;:true,&quot;titleLength&quot;:&quot;10&quot;,&quot;titleTag&quot;:&quot;h2&quot;,&quot;showContent&quot;:true,&quot;contentLength&quot;:20,&quot;expansionIndicator&quot;:&quot;...&quot;,&quot;showReadMore&quot;:true,&quot;readmoreText&quot;:&quot;Read More&quot;,&quot;showMeta&quot;:true,&quot;headerMeta&quot;:&quot;[]&quot;,&quot;footerMeta&quot;:&quot;[]&quot;,&quot;authorPrefix&quot;:&quot;by&quot;,&quot;datePrefix&quot;:&quot;&quot;,&quot;showBlockContent&quot;:true,&quot;leftArrowIcon&quot;:&quot;fas fa-chevron-circle-left&quot;,&quot;rightArrowIcon&quot;:&quot;fas fa-chevron-circle-right&quot;,&quot;showFallbackImg&quot;:false}\">\n\n            <div class=\"eb-post-carousel init-eb-post-carousel-2ei7e\"\n                data-id=\"eb-post-carousel-2ei7e\">\n                <article class=\"ebpg-carousel-post ebpg-post-carousel-column\" data-id=\"3616\"><div class=\"ebpg-carousel-post-holder\"><div class=\"ebpg-entry-media\">\n                <div class=\"ebpg-entry-thumbnail\">\n                    <a class=\"ebpg-post-link-wrapper eb-sr-only\" href=\"https:\/\/www.captcha.eu\/nl\/hoe-je-aanvallen-met-credential-stuffing-kunt-voorkomen\/\">How to Prevent Credential Stuffing Attacks on Your Website<\/a>\n                    <img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-1-1.png\" class=\"attachment-full size-full not-transparent\" alt=\"Illustration of a website login form protected against credential stuffing, showing automated bot traffic coming from compromised account sources toward a login page, blocked by a shield layer, with a key approaching several lock icons to represent reused credentials and selective attack success.\" data-has-transparency=\"false\" data-dominant-color=\"d3e0f0\" style=\"--dominant-color: #d3e0f0\" \/>\n                <\/div>\n            <\/div><div class=\"ebpg-entry-wrapper\"><div class=\"ebpg-entry-meta ebpg-header-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><header class=\"ebpg-entry-header\">\n            <h2 class=\"ebpg-entry-title\">\n                <a class=\"ebpg-carousel-post-link\" href=\"https:\/\/www.captcha.eu\/nl\/hoe-je-aanvallen-met-credential-stuffing-kunt-voorkomen\/\" title=\"How to Prevent Credential Stuffing Attacks on Your Website\">How to Prevent Credential Stuffing Attacks on Your Website<\/a>\n            <\/h2>\n        <\/header><div class=\"ebpg-entry-content\"><div class=\"ebpg-carousel-post-excerpt\">\n            <p>Credential stuffing attacks use real passwords stolen from prior breaches, not guesswork. That makes them faster, harder to detect, and&#8230;<\/p>\n        <\/div><div class=\"ebpg-readmore-btn\">\n            <a href=\"https:\/\/www.captcha.eu\/nl\/hoe-je-aanvallen-met-credential-stuffing-kunt-voorkomen\/\"> Read More <\/a>\n        <\/div><\/div><div class=\"ebpg-entry-meta ebpg-footer-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><\/div><\/div><\/article><article class=\"ebpg-carousel-post ebpg-post-carousel-column\" data-id=\"3604\"><div class=\"ebpg-carousel-post-holder\"><div class=\"ebpg-entry-media\">\n                <div class=\"ebpg-entry-thumbnail\">\n                    <a class=\"ebpg-post-link-wrapper eb-sr-only\" href=\"https:\/\/www.captcha.eu\/nl\/hoe-brute-force-aanvallen-te-voorkomen\/\">How to Prevent Brute Force Attacks on Your Website<\/a>\n                    <img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu_-1.jpg\" class=\"attachment-full size-full not-transparent\" alt=\"Digital illustration of a website login form protected by layered defenses including CAPTCHA, monitoring, rate limiting, multi-factor authentication, and firewalls, with automated bot traffic being filtered and only verified users gaining access.\" data-has-transparency=\"false\" data-dominant-color=\"dde5f4\" style=\"--dominant-color: #dde5f4\" \/>\n                <\/div>\n            <\/div><div class=\"ebpg-entry-wrapper\"><div class=\"ebpg-entry-meta ebpg-header-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><header class=\"ebpg-entry-header\">\n            <h2 class=\"ebpg-entry-title\">\n                <a class=\"ebpg-carousel-post-link\" href=\"https:\/\/www.captcha.eu\/nl\/hoe-brute-force-aanvallen-te-voorkomen\/\" title=\"How to Prevent Brute Force Attacks on Your Website\">How to Prevent Brute Force Attacks on Your Website<\/a>\n            <\/h2>\n        <\/header><div class=\"ebpg-entry-content\"><div class=\"ebpg-carousel-post-excerpt\">\n            <p>Brute force attacks are one of the most persistent threats to website security. In 2026, they combine stolen credential lists,&#8230;<\/p>\n        <\/div><div class=\"ebpg-readmore-btn\">\n            <a href=\"https:\/\/www.captcha.eu\/nl\/hoe-brute-force-aanvallen-te-voorkomen\/\"> Read More <\/a>\n        <\/div><\/div><div class=\"ebpg-entry-meta ebpg-footer-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><\/div><\/div><\/article><article class=\"ebpg-carousel-post ebpg-post-carousel-column\" data-id=\"3536\"><div class=\"ebpg-carousel-post-holder\"><div class=\"ebpg-entry-media\">\n                <div class=\"ebpg-entry-thumbnail\">\n                    <a class=\"ebpg-post-link-wrapper eb-sr-only\" href=\"https:\/\/www.captcha.eu\/nl\/hcaptcha-vs-captchaeu\/\">hCaptcha vs. CAPTCHA.eu: Which Is Better for European Websites?<\/a>\n                    <img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/03\/Design-ohne-Titel-38.jpg\" class=\"attachment-full size-full not-transparent\" alt=\"A clean, modern illustration of a laptop displaying a side-by-side CAPTCHA comparison dashboard. Two unnamed solutions are compared across criteria such as GDPR compliance, privacy, accessibility, and ease of integration, using checkmarks, warning icons, and progress bars. The scene includes subtle European elements like a faint map of Europe and EU stars, along with icons for security, accessibility, and data protection around the device.\" data-has-transparency=\"false\" data-dominant-color=\"dae4f0\" style=\"--dominant-color: #dae4f0\" \/>\n                <\/div>\n            <\/div><div class=\"ebpg-entry-wrapper\"><div class=\"ebpg-entry-meta ebpg-header-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><header class=\"ebpg-entry-header\">\n            <h2 class=\"ebpg-entry-title\">\n                <a class=\"ebpg-carousel-post-link\" href=\"https:\/\/www.captcha.eu\/nl\/hcaptcha-vs-captchaeu\/\" title=\"hCaptcha vs. CAPTCHA.eu: Which Is Better for European Websites?\">hCaptcha vs. CAPTCHA.eu: Which Is Better for European Websites?<\/a>\n            <\/h2>\n        <\/header><div class=\"ebpg-entry-content\"><div class=\"ebpg-carousel-post-excerpt\">\n            <p>For many European websites,\u00a0CAPTCHA.eu is the stronger hCaptcha alternative. The main reason is not that hCaptcha is a bad product&#8230;.<\/p>\n        <\/div><div class=\"ebpg-readmore-btn\">\n            <a href=\"https:\/\/www.captcha.eu\/nl\/hcaptcha-vs-captchaeu\/\"> Read More <\/a>\n        <\/div><\/div><div class=\"ebpg-entry-meta ebpg-footer-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><\/div><\/div><\/article><article class=\"ebpg-carousel-post ebpg-post-carousel-column\" data-id=\"3326\"><div class=\"ebpg-carousel-post-holder\"><div class=\"ebpg-entry-media\">\n                <div class=\"ebpg-entry-thumbnail\">\n                    <a class=\"ebpg-post-link-wrapper eb-sr-only\" href=\"https:\/\/www.captcha.eu\/nl\/is-google-recaptcha-gdpr-compliant-in-2026\/\">Is Google reCAPTCHA GDPR-Compliant in 2026?<\/a>\n                    <img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/03\/Design-ohne-Titel-31.jpg\" class=\"attachment-full size-full not-transparent\" alt=\"Illustration exploring GDPR compliance of reCAPTCHA showing a browser with cookie consent, an \u201cI\u2019m not a robot\u201d verification checkbox, data flow connections, an EU shield, and a privacy checklist indicating regulatory review.\" data-has-transparency=\"false\" data-dominant-color=\"d8e3ee\" style=\"--dominant-color: #d8e3ee\" \/>\n                <\/div>\n            <\/div><div class=\"ebpg-entry-wrapper\"><div class=\"ebpg-entry-meta ebpg-header-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><header class=\"ebpg-entry-header\">\n            <h2 class=\"ebpg-entry-title\">\n                <a class=\"ebpg-carousel-post-link\" href=\"https:\/\/www.captcha.eu\/nl\/is-google-recaptcha-gdpr-compliant-in-2026\/\" title=\"Is Google reCAPTCHA GDPR-Compliant in 2026?\">Is Google reCAPTCHA GDPR-Compliant in 2026?<\/a>\n            <\/h2>\n        <\/header><div class=\"ebpg-entry-content\"><div class=\"ebpg-carousel-post-excerpt\">\n            <p>Google reCAPTCHA changes its legal model on 2 April 2026. However, that does not make every setup automatically GDPR-compliant. Website&#8230;<\/p>\n        <\/div><div class=\"ebpg-readmore-btn\">\n            <a href=\"https:\/\/www.captcha.eu\/nl\/is-google-recaptcha-gdpr-compliant-in-2026\/\"> Read More <\/a>\n        <\/div><\/div><div class=\"ebpg-entry-meta ebpg-footer-meta\"><div class=\"ebpg-entry-meta-items\"><\/div><\/div><\/div><\/div><\/article>            <\/div>\n        <\/div>\n    <\/div>\n<\/div>\n\n\n<div class=\"wp-block-essential-blocks-infobox  root-eb-infobox-pn9zo\"><div class=\"eb-parent-wrapper eb-parent-eb-infobox-pn9zo \"><div class=\"eb-infobox-pn9zo eb-infobox-wrapper\"><div class=\"infobox-wrapper-inner\"><div class=\"contents-wrapper\"><h3 class=\"title\">Primary sources<\/h3><p class=\"description\"><a href=\"https:\/\/www.w3.org\/TR\/turingtest\/\" target=\"_blank\" rel=\"noreferrer noopener\">W3C: Inaccessibility of CAPTCHA<\/a>: authoritative W3C note on accessibility barriers in traditional CAPTCHA and the limitations of workarounds<br><a href=\"https:\/\/www.w3.org\/WAI\/WCAG22\/Understanding\/accessible-authentication-minimum.html\" target=\"_blank\" rel=\"noreferrer noopener\">WCAG 2.2 Success Criterion 3.3.8 Accessible Authentication (Minimum)<\/a>: the Level AA criterion prohibiting cognitive function tests in authentication flows<br><a href=\"https:\/\/docs.cloud.google.com\/recaptcha\/docs\/faq\" target=\"_blank\" rel=\"noreferrer noopener\">Google reCAPTCHA FAQ (April 2026)<\/a>: confirmation that the _grecaptcha cookie persists after the controller-to-processor role change<br><a href=\"https:\/\/www.captcha.eu\/captcha-eu-achieves-waca-silver-certification-setting-new-standards-in-accessible-digital-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">CAPTCHA.eu WCAG 2.2 AA Certification<\/a>: independently certified by T\u00dcV Austria<br>Stanford University study: CAPTCHA challenges reduce form conversions by up to 40%<br><a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A32019L0882\" target=\"_blank\" rel=\"noreferrer noopener\">European Accessibility Act (Directive 2019\/882)<\/a>: WCAG 2.2 AA legally binding for EU businesses from June 2025<\/p><\/div><\/div><\/div><\/div><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n","protected":false},"excerpt":{"rendered":"<p>Invisible CAPTCHA aims to verify users in the background with little or no visible interaction: no puzzles, no checkboxes, no friction for most users. But &#8220;invisible&#8221; covers two fundamentally different technical approaches, and some implementations still step up to visible challenges for traffic they cannot classify. Understanding the difference helps [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3654,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_eb_attr":"","footnotes":""},"categories":[41],"tags":[],"class_list":["post-3647","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledge-base"],"acf":{"pretitle":"","intern_slug":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What Is Invisible CAPTCHA? How It Works and Why It Matters - captcha.eu<\/title>\n<meta name=\"description\" content=\"Invisible CAPTCHA runs silently in the background. This guide explains the two approaches, privacy trade-offs and which fits EU websites.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.captcha.eu\/nl\/wat-is-onzichtbare-captcha\/\" \/>\n<meta property=\"og:locale\" content=\"nl_NL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is Invisible CAPTCHA? How It Works and Why It Matters\" \/>\n<meta property=\"og:description\" content=\"Invisible CAPTCHA runs silently in the background. This guide explains the two approaches, privacy trade-offs and which fits EU websites.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.captcha.eu\/nl\/wat-is-onzichtbare-captcha\/\" \/>\n<meta property=\"og:site_name\" content=\"captcha.eu\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-10T07:36:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-10T07:43:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Captcha\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@captcha_eu\" \/>\n<meta name=\"twitter:site\" content=\"@captcha_eu\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Captcha\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/\"},\"author\":{\"name\":\"Captcha\",\"@id\":\"https:\/\/www.captcha.eu\/#\/schema\/person\/f1e4886cdd0c5bbbb44279dd0d95445a\"},\"headline\":\"What Is Invisible CAPTCHA? How It Works and Why It Matters\",\"datePublished\":\"2026-04-10T07:36:31+00:00\",\"dateModified\":\"2026-04-10T07:43:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/\"},\"wordCount\":3918,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.captcha.eu\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg\",\"articleSection\":[\"Knowledge Base\"],\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/\",\"url\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/\",\"name\":\"What Is Invisible CAPTCHA? How It Works and Why It Matters - captcha.eu\",\"isPartOf\":{\"@id\":\"https:\/\/www.captcha.eu\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg\",\"datePublished\":\"2026-04-10T07:36:31+00:00\",\"dateModified\":\"2026-04-10T07:43:25+00:00\",\"description\":\"Invisible CAPTCHA runs silently in the background. This guide explains the two approaches, privacy trade-offs and which fits EU websites.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#breadcrumb\"},\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage\",\"url\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg\",\"contentUrl\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"captcha.eu\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.captcha.eu\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Is Invisible CAPTCHA? How It Works and Why It Matters\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.captcha.eu\/#website\",\"url\":\"https:\/\/www.captcha.eu\/\",\"name\":\"captcha.eu\",\"description\":\"The GDPR-compliant message protection | captcha.eu\",\"publisher\":{\"@id\":\"https:\/\/www.captcha.eu\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.captcha.eu\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"nl-NL\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.captcha.eu\/#organization\",\"name\":\"captcha.eu\",\"url\":\"https:\/\/www.captcha.eu\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\/\/www.captcha.eu\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2024\/02\/Captcha_mono-C_Logo.svg\",\"contentUrl\":\"https:\/\/www.captcha.eu\/wp-content\/uploads\/2024\/02\/Captcha_mono-C_Logo.svg\",\"width\":24,\"height\":28,\"caption\":\"captcha.eu\"},\"image\":{\"@id\":\"https:\/\/www.captcha.eu\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/captcha_eu\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.captcha.eu\/#\/schema\/person\/f1e4886cdd0c5bbbb44279dd0d95445a\",\"name\":\"Captcha\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\/\/www.captcha.eu\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=96&d=mm&r=g\",\"caption\":\"Captcha\"},\"sameAs\":[\"https:\/\/www.captcha.eu\"],\"url\":\"https:\/\/www.captcha.eu\/nl\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Wat is onzichtbare CAPTCHA? Hoe het werkt en waarom het belangrijk is - captcha.eu","description":"Onzichtbare CAPTCHA wordt geruisloos op de achtergrond uitgevoerd. Deze gids legt de twee benaderingen uit, de privacy-afwegingen en welke geschikt is voor EU-websites.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.captcha.eu\/nl\/wat-is-onzichtbare-captcha\/","og_locale":"nl_NL","og_type":"article","og_title":"What Is Invisible CAPTCHA? How It Works and Why It Matters","og_description":"Invisible CAPTCHA runs silently in the background. This guide explains the two approaches, privacy trade-offs and which fits EU websites.","og_url":"https:\/\/www.captcha.eu\/nl\/wat-is-onzichtbare-captcha\/","og_site_name":"captcha.eu","article_published_time":"2026-04-10T07:36:31+00:00","article_modified_time":"2026-04-10T07:43:25+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg","type":"image\/jpeg"}],"author":"Captcha","twitter_card":"summary_large_image","twitter_creator":"@captcha_eu","twitter_site":"@captcha_eu","twitter_misc":{"Written by":"Captcha","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#article","isPartOf":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/"},"author":{"name":"Captcha","@id":"https:\/\/www.captcha.eu\/#\/schema\/person\/f1e4886cdd0c5bbbb44279dd0d95445a"},"headline":"What Is Invisible CAPTCHA? How It Works and Why It Matters","datePublished":"2026-04-10T07:36:31+00:00","dateModified":"2026-04-10T07:43:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/"},"wordCount":3918,"commentCount":0,"publisher":{"@id":"https:\/\/www.captcha.eu\/#organization"},"image":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage"},"thumbnailUrl":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg","articleSection":["Knowledge Base"],"inLanguage":"nl-NL","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/","url":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/","name":"Wat is onzichtbare CAPTCHA? Hoe het werkt en waarom het belangrijk is - captcha.eu","isPartOf":{"@id":"https:\/\/www.captcha.eu\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage"},"image":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage"},"thumbnailUrl":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg","datePublished":"2026-04-10T07:36:31+00:00","dateModified":"2026-04-10T07:43:25+00:00","description":"Onzichtbare CAPTCHA wordt geruisloos op de achtergrond uitgevoerd. Deze gids legt de twee benaderingen uit, de privacy-afwegingen en welke geschikt is voor EU-websites.","breadcrumb":{"@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#breadcrumb"},"inLanguage":"nl-NL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.captcha.eu\/what-is-invisible-captcha\/"]}]},{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#primaryimage","url":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg","contentUrl":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg","width":1920,"height":1080,"caption":"captcha.eu"},{"@type":"BreadcrumbList","@id":"https:\/\/www.captcha.eu\/what-is-invisible-captcha\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.captcha.eu\/"},{"@type":"ListItem","position":2,"name":"What Is Invisible CAPTCHA? How It Works and Why It Matters"}]},{"@type":"WebSite","@id":"https:\/\/www.captcha.eu\/#website","url":"https:\/\/www.captcha.eu\/","name":"captcha.eu","description":"De GDPR-conforme berichtenbeveiliging | captcha.eu","publisher":{"@id":"https:\/\/www.captcha.eu\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.captcha.eu\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"nl-NL"},{"@type":"Organization","@id":"https:\/\/www.captcha.eu\/#organization","name":"captcha.eu","url":"https:\/\/www.captcha.eu\/","logo":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/www.captcha.eu\/#\/schema\/logo\/image\/","url":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2024\/02\/Captcha_mono-C_Logo.svg","contentUrl":"https:\/\/www.captcha.eu\/wp-content\/uploads\/2024\/02\/Captcha_mono-C_Logo.svg","width":24,"height":28,"caption":"captcha.eu"},"image":{"@id":"https:\/\/www.captcha.eu\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/captcha_eu"]},{"@type":"Person","@id":"https:\/\/www.captcha.eu\/#\/schema\/person\/f1e4886cdd0c5bbbb44279dd0d95445a","name":"Captcha","image":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/www.captcha.eu\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=96&d=mm&r=g","caption":"Captcha"},"sameAs":["https:\/\/www.captcha.eu"],"url":"https:\/\/www.captcha.eu\/nl\/author\/admin\/"}]}},"pbg_featured_image_src":{"full":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg",1920,1080,false],"thumbnail":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-150x150.jpg",150,150,true],"medium":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-300x169.jpg",300,169,true],"medium_large":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-768x432.jpg",768,432,true],"large":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-1024x576.jpg",1024,576,true],"1536x1536":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-1536x864.jpg",1536,864,true],"2048x2048":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2.jpg",1920,1080,false],"trp-custom-language-flag":["https:\/\/www.captcha.eu\/wp-content\/uploads\/2026\/04\/Captcha.eu-2-18x10.jpg",18,10,true]},"pbg_author_info":{"display_name":"Captcha","author_link":"https:\/\/www.captcha.eu\/nl\/author\/admin\/","author_img":"<img alt='Captcha' src='https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=128&#038;d=mm&#038;r=g' srcset='https:\/\/secure.gravatar.com\/avatar\/48b669a092d552f5f30202f8da848c93fa4c54f8c2b3167568ed5cbccbe4994a?s=256&#038;d=mm&#038;r=g 2x' class='avatar avatar-128 photo' height='128' width='128' loading='lazy' decoding='async'\/>"},"pbg_comment_info":" No Comments","pbg_excerpt":"Invisible CAPTCHA aims to verify users in the background with little or no visible interaction: no puzzles, no checkboxes, no friction for most users. But &#8220;invisible&#8221; covers two fundamentally different technical approaches, and some implementations still step up to visible challenges for traffic they cannot classify. Understanding the difference helps [&hellip;]","_links":{"self":[{"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/posts\/3647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/comments?post=3647"}],"version-history":[{"count":7,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/posts\/3647\/revisions"}],"predecessor-version":[{"id":3661,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/posts\/3647\/revisions\/3661"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/media\/3654"}],"wp:attachment":[{"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/media?parent=3647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/categories?post=3647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.captcha.eu\/nl\/wp-json\/wp\/v2\/tags?post=3647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}