Beacon uses a service called hCaptcha to secure Beacon forms against attack by automated bots. This is similar to Google's reCaptcha, with which you may be more familiar.
Important information: Since Beacon forms are protected by hCaptcha, the hCaptcha Privacy Policy and Terms of Service apply.
hCAPTCHA provides a mechanism that uses an advanced risk analysis engine to determine whether a form is being submitted by a real human or an automated bot. This adds a layer of protection to Beacon forms that prevents malicious form submissions.
We have chosen to implement hCaptcha rather than Google reCAPTCHA due to hCaptcha's commitment to protecting personal privacy when analysing form traffic. You can find out more about hCaptcha's rigorous commitment to GDPR on their website.
Beacon uses hCaptcha in two ways to secure forms. Whenever a form is submitted the following happens:
Beacon sends an initial request to the hCaptcha service to validate the form submission. This is based on how the form submitter has interacted with the page, and the information is gathered automatically while the user is on the page. If hCaptcha says that this looks like a human then the form is allowed to submit, if not we go to step 2...
βIf hCaptcha is unsure about a user they will be asked to confirm that they're a real human by clicking a box and potentially performing a visual perception test (that's really hard for robots but easy for humans). If the user fails this test then the form will not submit.
Sorry, no droids allowed.
