Oct 26, 2023

TouchPoint already offered the ability to enable reCAPTCHA, which protected payment pages against certain types of fraud and abuse by malicious bots. We recently updated to the latest version of reCAPTCHA in order to improve security and the user experience with online transactions. This update provides several benefits to the church when it comes to Online Giving and Online Registrations.

1. The new reCAPTCHA allows us to reset the form based on a number of failed payment method entries instead of resetting after 2 minutes. This new way better guards against more sophisticated bots. A church can set the default number of failed attempts by navigating to Admin > Advanced > Settings > System > Security > Lockout on Number of Consecutive Failed Gifts. The current default is 3.

2. The new reCAPTCHA allows a default strictness level for determining suspicious behavior to be set. This gives you more granular control to turn on reCAPTCHA (to allow for an extra layer of security), but to lower the strictness so that it does not create friction for most users. This setting can be adjusted by navigating to Admin > Advanced > Settings > System > Security > Google Recaptcha Minimum Score.

3. For most users, the reCAPTCHA will simply work in the background, so they don’t even know it’s there. In many cases, there will be no need for the user to solve puzzles or click checkboxes.

4. The algorithms used to analyze behavior to determine whether the user is a human or a bot are more advanced and better at identifying and stopping malicious bots.

5. Instead of only challenging the user once in a while, the user’s actions are constantly assessed, allowing it to adapt and react in real-time to changing circumstances.

To learn more about enabling reCAPTCHA on your database, please see the Online Giving Setup help article.