Update 1/25/2023: We have had to reinstate HCaptcha due to incompatibilities with certain third party clients and our solution. Premium users will continue to see no CAPTCHAs. We regret having to change this, but the original article is preserved below.
It’s no secret – most people would not say CAPTCHAs are fulfilling, entertaining, or otherwise well not annoying. But CAPTCHAs do one thing well – keep out spam. After all, it’s mostly bots and automated scripts that post the most spam. No human has time to comment a link leading to a sketchy Russian dating site on 50000 other sites.
Until today, Androidacy utilized CAPTCHAs in several locations to prevent spam, bandwidth wasters, and more. But over the last week, we’ve been testing a non-CAPTCHA solution that will continue to keep out bots but require less to no effort from our human visitors. And we’re glad to say we’ve done it – we’ve removed all captchas.
A bit of history
When we started out, we had a real bot problem. When our first website was brought up in 2019, more visitors were bots than humans. It was a nightmare trying to keep our comment forms from being flooded with spam and worse, trying to filter through the mess of sexy single girls wanting a good time in our area, and just generally not going mad.
We tried many solutions. Google’s own reCAPTCHA, HCaptcha, and Cloudflare Turnstile most recently. reCAPTCHA let in too many bots. HCaptcha randomly wouldn’t insert the response in the form, making our servers think no CAPTCHA was submitted. Cloudflare Turnstile caused less friction but had a very high false negative rate (meaning a lot of humans were identified as bots). It was starting to look hopeless.
And not to forget the constant stream of user complaints. About the false negatives, the time and effort required to complete each challenge, and the slowdown on our pages these tools invariably caused. Unfortunately, every attempt to remove CAPTCHAs brought back the bots.
So we set out to find a non-CAPTCHA antispam solution. And after weeks of development and A/B testing on our visitors, we’ve finally came up with it.
CAPTCHAs: replaced at last
We’ve developed a solution using a combination of in-house tools and open source software to keep out the bots. No box to check, no heavy JavaScript weighing down the page load, it all happens in the background, and should have a 99.5% accuracy preventing many users from being prevented from using our website.
The solution uses a combination of existing techniques like honeypots and mixes them in with our own and vendor intelligence and signals. For security reasons, we cannot completely disclose either client-side or server-side logic.
We heard you, people. And we’ve solved the problem. Enjoy our website – without having to identify any more cars or houses. Why don’t you check our our Magisk Module Repository while you’re here, or maybe our Font Previewer?