Google Cloud fraud defense, the next evolution of reCAPTCHA
unforgivenpasta
259 points
255 comments
May 06, 2026
Related Discussions
Found 5 related stories in 74.3ms across 8,303 title embeddings via pgvector HNSW
- Google Cloud Fraud Defence is just WEI repackaged ribtoks · 663 pts · May 08, 2026 · 74% similar
- Google broke reCAPTCHA for de-googled Android users anonymousiam · 852 pts · May 08, 2026 · 56% similar
- reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops Cider9986 · 14 pts · May 15, 2026 · 50% similar
- Google banks on AI edge to catch up to cloud rivals Amazon and Microsoft donsupreme · 92 pts · April 27, 2026 · 47% similar
- Gmail registration now requires scanning a QR code and sending a text message negura · 587 pts · May 11, 2026 · 46% similar
Discussion Highlights (20 comments)
SoKamil
Google clearly wants only Google approved models to traverse the web.
xacky
The fact that mobile devices are now mandatory to prove "humanness" means that Google no longer trusts desktop/open platforms anymore.
mayama
The site doesn't mention this. But, are they locking down QR code auth for only safetynet authenticated devices and with mobile number verification?
arian_
Google building harder walls against bots while simultaneously building AI agents that need to get through them is peak 2026.
stupidgeek314
Why can't an AI scan the QR code? Just fire up an emulator if necessary
bramhaag
The requirements for the mobile devices are listed here: https://support.google.com/recaptcha/answer/16609652 So it seems that you will need a modern Android device with Google Play Services installed or a modern iPhone/iPad to be allowed to browse the web in the future. No mention of device integrity verification yet, but the writing is on the wall.
mrguyorama
Google and the reCAPTCHA network aren't even that good with fraud prevention. You would think being literally omniscient over the whole internet would make it trivial to catch account takeovers, and Gmail has a proven track record at resisting account takeover, but when we tried to integrate their fraud signals, they were worthless, worse than the rest of the industry, worse than our homegrown trash from a decade ago. Because Google doesn't actually care about preventing fraud, they just want the data you feed them and the fraud feedback you provide. It's all take, no mutual business.
amazingamazing
How are people stopping bots reliably?
MichaelNolan
I’m trying to use my phone less and less. Ideally I’d like to even switch a dumb phone. But tactics like this will make that nearly impossible if every website starts requiring a QR code scan on a authorized smartphone.
LoganDark
Human verification via QR code does not mitigate labor farms.
driverdan
Any company that requires me to scan a QR code to make a purchase is losing my purchase.
ifh-hn
Can I confirm that this is more shit from Google trying to lock people into their ecosystem (or Apples) under the guise security?
PyWoody
What funny timing: After being hounded with CAPTCHAs every time I tried to search from the URL bar for the past week, not two hours ago I switched everything over to DDG. Great work, Google!
kajman
This would not have ever been announced while Lina Khan was running the FCC.
tech234a
The QR code feature looks like it could be spoofed to become a Pegasus deployment method once people get used to them.
basch
Is this why google was repeatedly telling me I was displaying patterns of being a bot yesterday because I click too fast? I've never gotten the error message as many times as I did yesterday.
eddy-sekorti
Thanks for sharing
scotty79
"This AI-resistant mitigation challenge to prove human presence is designed to make automated fraud economically unviable." Oh, you sweet, summer child.
arewethereyeta
Two mdashes in the first sentence...hmm.
graphememes
yeah im not doing that