Traffic Source
Detect access from Cloud, VPN, TOR, CDN, and popular blocklists (like Firehol, Spamhouse etc.).
An in-depth look at some of the Private Captcha features
Rate limiting
Private Captcha solves a cryptographic task in the background, that requires a certain amount of resources (the "difficulty") from the user.
The system automatically adjusts the task difficulty depending on current access patterns to the protected resource and access patterns of the actor themselves.
Difficulty grows exponentially, with each small increase requiring much more compute resources from bots. This very quickly makes any attack economically nonviable.
Compute resource requirements to solve the task provide equal security regardless of bots intelligence level, making it effective even as AI technology improves.
In Private Captcha dashboard you can configure the base difficulty for tasks and how fast difficulty grows based on the dynamics of current access patterns. So it can be perfectly tailored for your users.
Security
Define your own rules for CAPTCHA puzzles on top of smart difficulty scaling. Change difficulty, adapt scaling or block requests completely.
Detect access from Cloud, VPN, TOR, CDN, and popular blocklists (like Firehol, Spamhouse etc.).
Take action against whole countries if that's what it takes for security.
Match any CIDR range, for example excluding your corporate ranges.
Detect known bots or write custom logic based on User-Agent HTTP header values.
Dashboard
Staying on top of how your properties are accessed helps to select correct difficulty settings, spot verification problems or monitor your billing.
Take control of your usage and performance with real-time insights
Start free trial
GDPR Compliance
Private Captcha was built with GDPR/CCPA compliance by design. In addition to that you can restrict actual networking to go through EU servers.
Private Captcha relies only on EU companies. Servers, storage, CDN, email - you name it - backed by EU businesses, which have strict GDPR requirements. Current suppliers include Hetzner, Bunny and Scaleway.
Learn more about EU suppliersPrivate Captcha provides technical means to make client-side widget and server-side validations to connect only to EU servers. At the expense of small latency increase, this ensures no user data will be processed on non-EU servers.
Check docsPrivate Captcha does not collect or process any Personally Identifiable Information (PII). We have a Data Processing Agreement ready in addition to our Privacy Policies. Our code is public so all claims can be easily verified.
DPASecurity
Every form submission passes through user-friendly CAPTCHA and rate-limit checks before it reaches you. Docs
Make any DIY visualization you want using events and hooks of our library.
Compliance
Keep your data safe and know exactly who changed what and when. View activity at the property, organization, or account level. Export logs to CSV for any time range.
You get 14 days of audit data included with every plan, with an upgrade option for 365 days.
Automation
Create and edit properties in bulk, manage organizations and more using our Platform API. Now almost everything you can do in the portal is available as an HTTP endpoint.
Batch-create/edit/delete properties, which is perfect for import and automated management of client websites.
All operations using API produce the same compliance audit logs as operations in the Portal.
curl -X POST https://api.privatecaptcha.com/org \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"name": "New Marketing Org"}'
curl -X POST https://api.privatecaptcha.com/org/vDWtASYqrB/properties \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '[{"name": "Blog", "domain": "blog.example.com"}]'
Security
A customer may want to use a domain like captcha.customer.com to point to api.privatecaptcha.com so that captcha widget does not contact any other domains except of those of the customer.
This is possible to achieve using DNS proxying (also known as "CNAME proxy").
Check docsIndependent, privacy-first, user-friendly CAPTCHA service made in EU