CAPTCHA: what is it and what does it do?

captcha animated

We’ve all seen them, we’ve all checked that box that asks if we’re human.

But why do websites have these forms? How do CAPTCHA forms (which stands for Completely Automated Public Turing test to tell Computers and Humans Apart) actually increase website security? 

In this article we’ll walk through what CAPTCHA forms actually are, whether they actually make a difference when it comes to protecting against scammers, and why you should consider adding them to your online business.

What is a CAPTCHA form?

The purpose of a CAPTCHA form is to distinguish between real users trying to make legitimate transactions and spam robots. 

While CAPTCHA forms might seem very straightforward, they are designed to be very hard for a machine to pass. 

Machines are unable to process visual data the same way humans do. So when letters are presented as an image, or when prompted to select a number of pictures containing a traffic light — machines and spam bots are fooled and fail the test.

CAPTCHA forms have come in lots of different shapes and sizes over the years, and the reason is simple. 

Machines have the ability to learn from their mistakes, much like humans. Which means CAPTCHA forms have to become progressively more difficult to solve. 

In early CAPTCHA forms, you might have been asked to type in a series of numbers and letters that were skewed slightly so they didn’t appear as they normally would. Another basic test might have asked you to check a box confirming if you were human.

early examples of CAPTCHA forms
Two examples of older basic CAPTCHA forms.

More recent and complex CAPTCHA forms might ask you to check all the boxes showing a common theme such as buses, or traffic lights. The more complex the visual data is to process, the harder it is for machines to get right.

example of new CAPTCHA form
A more complex CAPTCHA form with lots of visual data designed to stop spam bots.

So, how can implementing a CAPTCHA form on your online store’s checkout page protect your business?

Why CAPTCHA are important for online businesses

Installing CAPTCHA forms on different parts of your website can help protect your business from spam bots and scammers who might try to make fraudulent purchases on your website.

If you have a contact form on your website for customers to get in touch with you, placing a CAPTCHA form on the submission page can prevent spam bots from flooding your inbox with emails containing spam links — which could result in your account being hacked, and your customers’ credit card details being stolen.


Read more

How hackers hack


Scammers also create automated bots that will use stolen credit card information to make a purchase to test if the payment data is correct. If they can successfully make a purchase with the stolen credit card details, the scammers then use the credit card for other purchases. 

The danger for your business with these automated bots, is that the rightful owner will pick up on the unauthorised transaction and cancel their credit card with their financial provider. You might have to issue a refund, and if you have already sent out your goods or services, you may be left out of pocket.

Creating a CAPTCHA form for your website

If you think implementing a CAPTCHA form on your website might help reduce the risk of spam bots or scammers using and infiltrating your website, you can find a guide to creating a CAPTCHA form here

You will need some basic coding skills to implement a CAPTCHA form yourself, or if you have a developer on hand, ask them about the best way to use CAPTCHA forms.

Part of a bigger security picture

CAPTCHA forms are not the only security measure you should put in place for your online store. While CAPTCHA forms might keep automated bots out of your website, they won’t hold up against human hackers who try to commit fraud or flood your inbox with dangerous spam.

Businesses that are set up with online payment providers such as eWAY benefit from built-in fraud prevention tools that can help detect potential fraudulent transactions being made through their stores.


Further reading

What to look for: SMB’s online security weakspots