In a blog post, hCaptcha announced that its bot detector is running on
about 15% of the internet, adding they they “took most of this market
share directly from Google reCAPTCHA.” From the post: Competing with
Google and other Big Tech companies seems like a tall order: their
monopolistic market power, platform effects and army of highly paid
developers are generally considered too powerful to tackle for anyone but
other tech giants such as Facebook or Amazon. Our story shows that it
doesn’t have to be that way – you can beat Big Tech by focussing on
privacy. Consider Google reCAPTCHA, which consumes enormous amounts of
behavioral data to determine whether web users are legitimate humans or
bots. At hCaptcha, we have deliberately taken a very different approach,
using privacy-preserving machine learning techniques to identify typical
bot behaviors at high accuracy, all while consuming and storing as little
data as possible. Google is an ad company, and their security products
look very much like their ad products: they track user behavior on every
page of a website and across the web. We designed hCaptcha to be as
privacy-friendly as possible from day one. This led to a completely
different approach to the problem. As it turns out, tracking users across
the web and tying their web history to their identity is completely
unnecessary for achieving good security. The many companies that have
switched over to hCaptcha often report equal or better performance in bot
detection and mitigation despite our privacy focus. A growing number of
critics have pointed out that Googleâ(TM)s disregard for user privacy
should concern customers looking to protect their websites and apps. At
the same time, stopping bots from accessing publisher sites can reveal ad
fraud, pitting Googleâ(TM)s reCAPTCHA product directly against their ad
business, which produces over 80% of their revenue. Every bot Google
detects should be earning zero ad dollars. Google’s company incentives
are thus poorly aligned with the users of their security services, and
this may be one explanation for the poor performance of their reCAPTCHA
security offering. …
