reCAPTCHA from Google is a way of helping to verify that incoming form submissions are likely to be genuine, and therefore reduce spam.


Formulayt (GCDC) provides an integration with reCPATCHA V3. From your end user's perspective, this is seamless as it doesn't require them to do anything (unlike previous various of reCAPTCHA, where may have been required to complete a challenge). In V3, the user's on-site behaviour is profiled to analyse whether they are more likely to be a human or a bot. 


It is important to understand that any type of CAPTCHA verification requires both a browser-side and server-side integration. The Formulayt reCAPTCHA integration will handle the browser-side integration, but you cannot use CAPTCHA effectively unless you have control over the server-side processing.  Some Marketing Automation Platforms, such as Marketo, provide server-side integration for Google reCAPTCHA and can be used alongside our browser-side integration. Additionally, if you use our Zapier app integration, since form submissions are then routed over GCDC servers, we can then also handle the server-side verification and will do so automatically if both the Zapier and reCAPTCHA apps are active on your GCDC account. reCAPTCHA won't work with other platforms such as Eloqua, which provide their own solution. If you are submitting forms to your own server endpoint, then you can also use the reCAPTCHA app in GCDC to handle the browser-side integration, but you must then implement the server-side integration within your own server processing logic.


Put another way, reCAPTCHA does not prevent submissions from reaching your server endpoint. Instead, it provides a means of assessing how likely each submission is to be genuine once it has been received by the server.


Steps to implement:

  1. Thoroughly review the official Google docs and ensure that you understand how reCAPTCHA works.
  2. Register for a Google reCAPTCHA account and retrieve your site and secret keys (ensure you authorise all domains where you plan to display GCDC forms).
  3. Within your GCDC account, create a hidden field that will be used to store the submission token. You will use this token on each form submission to query the Google API in order to retrieve the score for the submission, and process this accordingly (see the Google docs to understand how scores work and how you should handle them).
  4. Activate the reCAPTCHA integration app in your GCDC account, adding your keys and selecting the hidden field that you want to carry the submission token that is generated for each form submission
  5. Implement your server-side logic by referring to the Google Docs
  6. Test your overall implementation.