We recently migrated the CAPTCHA provider we use from Google’s reCAPTCHA to a service provided by the independent hCaptcha. Since this change potentially impacts all Cloudflare customers, we wanted to walk through the rationale in more detail. We recently migrated the CAPTCHA provider we use from Google’s reCAPTCHA to a service provided by the independent hCaptcha.
We’re excited about this change because it helps address a privacy concern inherent to relying on a Google service that we’ve had for some time and also gives us more flexibility to customize the CAPTCHAs we show. Since this change potentially impacts all Cloudflare customers, we wanted to walk through the rationale in more detail. One of the services Cloudflare provides is a way to block malicious automated (‘bot’) traffic.
We use a number of techniques to accomplish that. When we are confident something is malicious bot activity we block it entirely. When we are confident it’s good human traffic (or a good bot like a search engine crawler) then we let it through.
But, sometimes, when we’re not 100% sure if something is malicious or good we issue it a “challenge”.
Source: cloudflare.com