How does hCaptcha differ from reCAPTCHA?

hCaptcha works in every country (including where Google is blocked), is privacy-focused with no PII required, and can be swapped in with just two lines of code. It also offers a more customizable challenge experience.

Is hCaptcha free to use?

Yes, hCaptcha offers a free Basic tier with bot protection that works in every country and complies with major privacy regulations. Pro starts at $99/month, and Enterprise requires contacting sales.

Does hCaptcha comply with GDPR?

Yes. hCaptcha is designed from the ground up to minimize data collection and retention. It complies with GDPR, CCPA, LGPD, PIPL, and supports HIPAA compliance through its zero PII features.

What is the passive or No-CAPTCHA mode?

Passive mode verifies users without showing any visual challenge. In 99.9% passive mode, less than 0.1% of legitimate users see a challenge. The fully passive No-CAPTCHA mode is available on the Enterprise tier.

How hard is it to switch from reCAPTCHA to hCaptcha?

hCaptcha provides a migration path that requires changing only two lines of code. They also offer hundreds of plugins and native integrations to simplify rollout.

Does hCaptcha support mobile apps?

Yes. hCaptcha provides native SDKs for both iOS and Android, plus mobile web support, enabling a consistent experience across platforms.

What types of fraud does hCaptcha protect against?

hCaptcha protects against bad bots, credential stuffing, account takeovers, purchase fraud, card testing, chargeback fraud, SMS tolling fraud, platform abuse, and affiliate fraud.

Does hCaptcha support accessibility requirements?

Yes. hCaptcha offers flexible options to meet WCAG 2.1 accessibility requirements, including text-based challenges and a passive Universal Accessibility system. VPATs are available upon request.

Back to Tools

hCaptcha

Stop bots and human abuse while preserving user privacy.

Cybersecurity & Security AI

Authentication Platform

Starting from

$99/mo

Free trial available

Try hCaptcha View full pricing

Is this your tool? Claim it

AI-Powered Summary

hCaptcha is a privacy-focused CAPTCHA and bot detection service used by millions of websites globally. It provides tiered protection from basic bot mitigation to enterprise-grade fraud detection, account defense, and threat intelligence—all without requiring personally identifiable information. It serves as a drop-in replacement for reCAPTCHA with broader country support and stronger privacy guarantees.

Key Features

What makes hCaptcha stand out

Bot Detection

Detects and blocks automated bot traffic across websites and apps.

Fraud Protection

Stops transaction fraud including card testing and chargeback fraud without needing personal data.

Account Defense

Detects account takeover attempts and credential stuffing attacks across identity providers.

Passive Mode

Verifies users silently with zero friction, challenging less than 0.1% of legitimate visitors.

Risk Scoring

Provides risk scores to identify different types of bad actors in real time.

Global Compliance

Complies with GDPR, CCPA, LGPD, PIPL, and HIPAA using zero PII architecture.

Custom Challenges

Lets you control which challenge types and content are shown to users.

Mobile SDK Support

Native SDKs for iOS and Android with consistent experience across web and mobile.

What's Great

Works in every country, including those where Google services are blocked
Free tier available with solid bot protection for small sites
Privacy-first design requires zero PII, simplifying GDPR/CCPA compliance
Drop-in reCAPTCHA replacement with only two lines of code to switch
99.9% passive mode minimizes friction for legitimate users

Things to Know

Enterprise pricing is not transparent—requires contacting sales
Pro tier at $99/month may be expensive for small businesses needing passive mode
Advanced features like risk scores and APT mitigation locked behind Enterprise tier
Limited public information about specific rate limits or usage caps per tier

Pricing Plans

All hCaptcha pricing tiers and features

Pro tier billed monthly or yearly

Basic (Free)

Free

World-Class Bot Protection

Works in Every Country

Complies with GDPR, CCPA, LGPD, PIPL, and more

Pro

$99/mo

Everything in Basic

Low Friction 99.9% Passive Mode

Custom Themes

Analytics

Enterprise

Contact Sales

Everything in Pro

Risk Scores

Passive (No-CAPTCHA) Mode

APT Mitigation Features

Enterprise SLAs

Multi-User Dashboard, SAML SSO

Advanced Analytics & Reporting APIs

View full pricing details

Real Cost Breakdown

Solo User

$0/mo

Team of 5

$99/mo

Hidden Costs

Enterprise tier pricing is completely opaque—requires sales conversation
Advanced features like risk scores, APT mitigation, and No-CAPTCHA mode all require Enterprise
First-party hosting and custom terms only available at Enterprise level

Cost Saving Tips

The free Basic tier is sufficient for simple bot protection on smaller sites
Annual billing is available for Pro tier, likely at a discount
Start with a free trial of Pro to evaluate before committing

The free tier is genuinely useful for basic bot protection, but organizations needing passive mode or risk scoring face a significant jump to $99/month (Pro) or opaque Enterprise pricing.

Price Comparison

Compare hCaptcha with similar tools

hCaptcha ranks as the 4th most affordable option out of 5 tools, priced 43% above the category average of $69/mo.

Auth0

freemium

Trial

Free

UptimeRobot

freemium

Trial

Free

/month

LoginRadius

freemium

Trial

Free

$13

/month

Tines

freemium

Trial

Free

$50

/month

hCaptchaYOU

freemium

Trial

Free

$99

/month

Box

freemium

14d

Free

$175

/month

Bar length shows relative price — longer bars mean higher prices. Tools are sorted from most affordable to most expensive.

Free / Open Source

Freemium

Paid

Enterprise

Best For

Websites and apps needing bot protection with strong privacy compliance

Who Should NOT Use This

Sites requiring completely invisible verification with no budget — The fully passive No-CAPTCHA mode is only available on the Enterprise tier, which requires contacting sales. The free tier shows visual challenges.
Very small hobby sites with minimal traffic — While the free tier works well, upgrading to Pro at $99/month for passive mode may not be cost-justified for sites with very low traffic or no revenue.
Organizations that need detailed threat intelligence without any client-side widget — While hCaptcha offers server-side API options at the Enterprise tier, its core product is a client-side verification widget; pure server-side threat intelligence platforms may be a better fit.
Developers who want full open-source control over their CAPTCHA system — hCaptcha is a proprietary SaaS service. Teams wanting to self-host or modify CAPTCHA code should look at open-source alternatives.

Competitive Position

hCaptcha is the only major CAPTCHA service that works in every country while requiring zero personally identifiable information, making it uniquely suitable for privacy-regulated global deployments.

When to Choose hCaptcha

You need CAPTCHA that works in countries where Google services are blocked (e.g., China)
Privacy compliance is critical and you cannot share PII with third parties
You want a drop-in reCAPTCHA replacement with minimal code changes
You need combined bot detection, fraud protection, and account defense in one platform

When to Look Elsewhere

You're already deeply integrated into Google's ecosystem and need seamless reCAPTCHA compatibility
You need a completely free passive/invisible CAPTCHA solution
You want a fully open-source CAPTCHA system you can self-host
Your primary need is WAF-level protection rather than CAPTCHA-level verification

Strongest alternative: Google reCAPTCHA

Learning Curve

Easy

Time to basic use

30 minutes

Time to proficiency

1-2 days

Prerequisites

Basic HTML/JavaScript knowledge

Access to website code or CMS plugin system

Common Challenges

Choosing the right difficulty level and challenge types for your use case
Understanding when to upgrade from free to Pro or Enterprise based on traffic patterns
Configuring advanced Enterprise features like risk scores and threat models