Skip to main content

Amr Abdelrazik is a Group Product Manager in Google Cloud Security.


reCAPTCHA has been a market leader for website security - protecting sites against fraud by both malicious bots and users, continually innovating to offer account level protections like account defender and password leak detection, fraudulent transaction detection, support for mobile apps, the recent launch of SMS toll fraud detection, and many more industry firsts. However, to get the maximal benefit of reCAPTCHA has required operators of the site to have security expertise in configuring the system. What if we made things far simpler, so anyone could be a cutting edge site operator, by leveraging the power of Google Gemini, and delivering semi-autonomous AI assistance. This is the latest innovation that the product has to offer, with the recent introduction of Fraud Insights.


By harnessing Gemini in Security, which uses SecLM, our security-tuned API, we're arming reCAPTCHA administrators with even more information and context, tailored to their environments, so they can take action sooner. Now, you can access insights derived from millions of data points across Google's vast fraud intelligence network with summaries generated by Gemini, so you don’t have to pore over logs, identify threats, and configure complex policies on your own. This new capability, available now by logging into the reCAPTCHA console, will give you the insights to better protect your organization from bots, account takeovers, and payment fraud. 


What are reCAPTCHA Fraud Intelligence Reports?


We introduced reCAPTCHA Fraud Intelligence Reports earlier this year to provide insights into global and site specific fraud trends, empowering organizations to fight fraud with greater speed and efficiency. The generated reports offer granular data, insights, and trends to help you make informed decisions to protect your users, and initial feedback has been overwhelmingly positive. reCAPTCHA Fraud Intelligence Reports include: 



  • Global Fraud Reports: Powered by our Google fraud intelligence network, these reports will give you a big-picture view of trending fraudulent activity to help you stay ahead of threats. You’ll uncover global fraud and bot traffic patterns, the latest attack methods, and potential weaknesses in your defenses.

  • Site-Specific Reports: These reports are customized specifically for your application. You’ll gain actionable insights to help you optimize reCAPTCHA for your unique user base and traffic patterns. This capability is available for our top reCAPTCHA 1000 customers. 


By combining global and site-specific intelligence–and harnessing the power of AI to gain deeper insights and navigate today’s threat landscape–you’ll be able to adapt your defenses to help protect your applications against evolving threats. 



reCAPTCHA Fraud Intelligence Reports showcase global and site-specific reports to highlight worldwide trends and customer-specific insights


Get started with reCAPTCHA Fraud Intelligence Reports


If you're already a reCAPTCHA Standard or Enterprise customer, accessing these Fraud Intelligence Reports is as simple as logging into the reCAPTCHA console. If you’re not yet a customer, learn more about how reCAPTCHA can help you protect your websites and mobile apps against fraud, such as bots, account takeovers and payment fraud. You can also learn more about how we are integrating Gemini across our other Google Cloud offerings. 

Regarding "site-specific reports" the article says "This capability is available for our top reCAPTCHA 1000 customers." I have no idea what that means or who these "top reCAPTCHA 1000 customers." are, but could you please provide this to every customer?

We've been attacked a couple of times in the last few months through SMS toll/pumping fraud attacks - once in May 2024 (before Google rolled out "reCAPTCHA SMS toll fraud protection" in late June 2024) and now again in October 2024. We implemented whatever defenses we could in May following Google's suggestions and are trying to roll out the new tools aavailable now. However this has cost us a significant amount of money, effort and time. We would appreciate any additional help like these site specific reports which could help us further defend against these attacks. 

Thx

You are accessing a U.S. Government information system, which includes: 1) this computer, 2) this computer network, 3) all computers connected to this network, and 4) all devices and storage media attached to this network or to a computer on this network. You understand and consent to the following: you may access this information system for authorized use only; unauthorized use of the system is prohibited and subject to criminal and civil penalties; you have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system at any time and for any lawful Government purpose; the Government may monitor, intercept, audit, and search and seize any communication or data transiting or stored on this information system; and any communications or data transiting or stored on this information system may be disclosed or used for any lawful Government purpose. This information system may contain Controlled Unclassified Information (CUI) that is subject to safeguarding or dissemination controls in accordance with law, regulation, or Government-wide policy. Creating an account and logging into this system constitutes acknowledgement of this warning. Posted on 07-02-2024 08:09 AM and filed in security-blog

https://www.googlecloudcommunity.com/gc/Community-Blog/Practical-Techniques-for-Monitoring-Your-Security-Data-Pipeline/ba-p/809060<top> 

Regarding "site-specific reports" the article says "This capability is available for our top reCAPTCHA 1000 customers." I have no idea what that means or who these "top reCAPTCHA 1000 customers." are, but could you please provide this to every customer?

We've been attacked a couple of times in the last few months through SMS toll/pumping fraud attacks - once in May 2024 (before Google rolled out "reCAPTCHA SMS toll fraud protection" in late June 2024) and now again in October 2024. We implemented whatever defenses we could in May following Google's suggestions and are trying to roll out the new tools aavailable now. However this has cost us a significant amount of money, effort and time. We would appreciate any additional help like these site specific reports which could help us further defend against these attacks. 

Thx

Hey @koritala_chat , please reach out to recaptcha-smstfp-feedback@google.com , would love to understand more about your specific use case and how we can help with reCAPTCHA SMS toll fraud protection. Looking forward to hearing from you soon. 

Naanak
Product Manager, reCAPTCHA Account Protections

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.