Add ReCAPTCHA to Donation Forms
ReCAPTCHA is an often requested feature that we don't have Core support for and we should to reduce credit card testing and provide support with an easy was to recommend fraud prevention.
Stripe also emails us about implementing it when the detect one of our customers are experiencing card testing.
Here's our current snippet: https://github.com/impress-org/givewp-snippet-library/blob/master/form-customizations/implement-recaptcha.php
Note: We already have code implementing ReCAPTCHA on the "Access Control" tab so some logic already exists in the plugin to implement this, just not on the donation form itself.
We should also consider supporting reCAPTCHA v3 since it is less invasive than v2.
Consider adding cloudflare Turnstile as well.
May I ask for a quick update on this?
This feature request is currently the highest voted for (from what I can see) of the "planned" and "in progress" ones.
It is also linked to an inherent security underlying issue that has been plaguing GiveWP for the past few years (spam donations) and a captcha mechanism would go a long way in preventing / fighting these.
Clearly, Akismet, Stop Donor Spam and Cloudflare while helpful, are simply not effective enough.
I would argue that the implementation of this further security measure should be catpcha provider agnostic (hcaptcha, reCaptcha, Friendly Captcha etc..), but I would settle for any one of them if this means improving the situation of SPAM donations.
Many thanks in advance for the short feedback.
ReCaptcha v3 definitely! V2 isn't user friendly at all and clearly...outdated
Even with Akismet and Stop Donor Spam, we still see card testing on our site. v3 ReCaptcha would be a valuable core feature.
We tried everything else and had to revert to implementing the reCAPTCHA snippet. Definitely a good thing to be integrated into the plugin. This will make it accessible to more clients.
v2 reCAPTCHA makes the donor experience terrible, and we really, really would love to have the code snippet updated so that we can implement something like reCaptcha v3 quickly. GiveWP Support's suggested remedies for "donor spam" (Akismet integration, raise the minimum amounts, Stop Donor Spam, implement Cloudflare) either don't work at all for us, or there's another reason we can't use those solutions. :/
I disagree with the implementation of ReCaptcha. Google has made ReCaptcha incredibly unfriendly for non-Chrome users and they plan to charge for the service in future. Cloudflare has moved to hCaptcha which is privacy respecting and does not discriminate between users' choice of browser.
The implementation for hCaptcha is similar to ReCaptcha.
Abdullah: Yes, there should definitely be support for hCaptcha, as some people clearly refuse Google tools. I created a feature request for this:
marked this post as
This is important to help prevent SPAM and card testing.