google / recaptcha

PHP client library for reCAPTCHA, a free service to protect your website from spam and abuse.
http://www.google.com/recaptcha/
BSD 3-Clause "New" or "Revised" License

Recaptcha v3 always returns a 0.1 score #248

Closed SeriaWei closed 1 year ago

SeriaWei commented 6 years ago

When I use recaptcha v3 with host "www.recaptcha.net" the score is always 0.1, but when I change to use host "www.google.com", the score is 0.9. So is it that v3 cannot be used with www.recaptcha.net?

Scripts

https://www.recaptcha.net/recaptcha/api.js?render={key}

Siteverify

https://www.recaptcha.net/recaptcha/api/siteverify

dev-johnny-gh commented 4 years ago

According to this answer, it seems embedded browsers will get a lower score.

I tested it myself. As the answer says, I visited my website with Chrome and did the exact same action as my clients do, and I got 0.9.

But all of my normal clients visit my website with the embedded browser of WeChat. How can I resolve this problem?

dev-johnny-gh commented 4 years ago

Also, recaptcha does not always return 0.1 in my case; a few of our users got 0.3. So, I think it's still working.

MakingStuffs commented 4 years ago

Not sure if people are still having this issue but changing the action from homepage to submit fixed it for me. My check is not executed until the form is submitted however.

MonDeveloper commented 3 years ago

Bug still present. Since it probably relies on the ML under the hood it is quite hard to find similarities but it's pretty sure it is bugged. Same interaction made by IE11 and Chrome (both Incognito, both from the same PC) takes 0.1 and 0.3 using IE11 and 0.9 using Chrome.

potsky commented 3 years ago

Buggy today for me after several months ok :-(

Envs : production and localhost

IPs : From distinct networks

Browsers : Chrome, Brave, Safari and Safari mobile

The values are always 0.1 or 0.3.

davit555 commented 3 years ago

same here (( very disappointed started to show low scores, mostly 0.1

stalker780 commented 3 years ago

Same here. 3 domains on one VPS. Dozens of clients. All get 0.3-0.1 score since this morning.

Damn. Had to disable recaptcha :(

Even logging into google account does not help to get higher score.

Chrispybee commented 3 years ago

I've been using recaptcha V3 now for just over a year and it's really flaky. At 4am on Thursday (15th April 2021) we started having an influx of users who would normally be getting scores of 0.7 - 0.9 getting 0.1 - 0.3. The ramp of users getting low scores has dropped slightly but we are still getting high numbers. These are genuine users who aren't using a bot to use the login page.

Does anyone know if there was some sort of outage which was causing this issue? Just seems like it's getting worse and no help from Google to guide us to get our customers to 0.9 or the magical 1 score!

Looking at the documentation and the quick video regarding the enterprise offering, the admin console looks worse and it will be the same ML underneath, just get an email address for support that might work...

beqramo commented 3 years ago

same here :( everything was working perfectly but suddenly 0.1, 0.3

felixck12 commented 3 years ago

I thought it was just us. We have been getting low scores mostly 0.1 as well since late March. Left a comment in issue #304

dusnoki commented 3 years ago

We are having the same problem. A couple of days ago we started getting lots of 0.1 scores. Even our own developers are getting bad scores. It's all a bit flakey, sometimes the score is good, sometimes not. It seems to be affecting the domains which are behind a CDN (Cloudfront) more than the ones that aren't. But it might be only a fluke. Had to disable recaptcha for now.

capytan commented 3 years ago

same here. It's still going on right now.

I've been using reCAPTCHA v3 since 2019 and have never had it used to work perfectly. We used to get scores of 0.7 or 0.9. However, there was a sudden increase in the number of requests evaluated as 0.1 or 0.3 since April 15. We found that these were normal requests made by humans.

felixmeziere commented 3 years ago

Same here! suddenly I started getting 0.1 and 0.3 on lots of calls randomly :/

Chrispybee commented 3 years ago

I do wish Google would come back to us and give us in the response why it failed. Just having a black box and getting an arbitrary number just seems flaky. I love the idea of V3 but where one user could get a 0.9 and the next second get a 0.3 just doesn't make any sense - almost like pointing a finger in the air and taking a guess.

Has anyone moved to V2 to see if that's any better?

bankeris commented 3 years ago

V2 and V3 are different things. V2 you have google UI, while V3 works silent :)

Using V3 on developer/server in debug mode, sometimes (very rarely) getting a low score. But my main issue was silently fixed.

Chrispybee commented 3 years ago

I get the difference between the two, this is why I went with the V3 solution. My question was, due to the amounts of low scores, has anyone just binned it off and gone for V2 instead. If so, what was their experience? Were their users fed up because of a captcha every time they visited the page? Is invisible captcha the way forward if the scoring mechanism is failing so badly..

gingerlime commented 3 years ago

V3 is a marketing tool to get you to also install V2 ;-)

Xeyor commented 3 years ago

Hi everyone, same problem here. We have been using recaptcha v3 in production for months now. Everything was working ok, but for a few days we have been receiving really low scores even for real users (mostly 0.1 and 0.3).

My guess is that Google messed up something on their end because I remember getting rejected by a recaptchaV3 a few days ago on another website and you guys seem to have the problem too...

We need explanations!

yoyoloftis commented 3 years ago

Same issue for us. We are using recaptcha v3 on some of our website forms. On 4/21/21 (two days ago), we started experiencing super low scores of 0.1 and 0.3, even for real users. In testing myself, I am sometimes getting 0.7 score, and sometimes getting a 0.1 or a 0.3, depending on browser. Developer partners get same results. This is super frustrating, since we have set up some blockers and error messages for end users in these low score scenarios. This is bad for customer service. It would be good to know if Google has changed anything recently. Because we have not made any changes, and it was working great until this week.

armellarcier commented 3 years ago

Same here. We changed the action strings sent for each specific verification and our scores are good again. So we appended a dynamic suffix to all action strings (the current date formatted YYYYMMDD). We're hoping this will make our score consistently better.

justinphan1992 commented 3 years ago

Any update for this issue? I'm facing this problem today.

MonDeveloper commented 3 years ago

I strongly suggest all of you to migrate to hCaptcha, they are highly compatible with reCaptcha but they care about the service.

I am not involved in any manner with hCaptcha, I didn't know about them until 1 week ago and I'm not a current hCaptcha customer either, I just did some experiments.

It's very sad to notice how much Google ignores reCaptcha service.

evdama commented 3 years ago

As a firebase user I've enabled the recently announced app check feature which is recaptcha v3 based... maybe it has something to do with it? 🤷‍♂️ https://firebase.google.com/docs/app-check/web#from-the-cdn

gingerlime commented 3 years ago

> I strongly suggest all of you to migrate to hCaptcha, they are highly compatible with reCaptcha but they care about the service.

Last I checked with hCaptcha, the invisible captcha option was only available to paid customers, and prices start at $999/mo ...

benazo commented 2 years ago

Ran into this today. We've been using "www.recaptcha.net" on our live site rather than "www.google.com" due to "www.google.com" not working for users in China. Recaptcha v3 was returning a score of 0.3 for several real people in the US. We tried switching back to "www.google.com" and their scores are 0.9.

dslocalsearch commented 2 years ago

This is also happening to us. Even more weird, we tried to lower the score to 0.3 but then when we test with the googlebot header, it returns 0.3 and allows the request. This is a very frustrating and unreliable solution in my opinion. And it would be great if someone could give us an explanation why this is happening and how to fix it.

Chrispybee commented 2 years ago

We decided in the end to go down the route of Recaptcha v2. It’s a shame but v3 was completely unreliable for what we wanted.

e271828- commented 2 years ago

https://www.hcaptcha.com (specifically the enterprise version, which includes scores and passive modes like v3) is a better idea. You can customize every aspect of the scores.

gingerlime commented 2 years ago

yeah but hcaptcha enterprise starts at $999/mo …

subbuswaroop commented 2 years ago

I'm also facing the same issue for the past few days. It returns a low score of 0.1 when I test it in https://www.live.browserstack.com on iOS and iPad. But it returns a high score when I test the same in Google Chrome on my Windows machine.

The behaviour is very inconsistent. Seriously hope Google fixes it sooner.

antonio-acevedo commented 1 year ago

We are also seeing strange behaviour on our enterprise recaptcha where legit requests from iPhones are being scored as 0.1 (or 0.3 if users happen to be logged in to their Google account within the iPhone's browser).

Working perfectly fine for all other OS and browsers...is anybody else seeing this behaviour?

isanecat commented 1 year ago

I also have the same problem when I am trying my code on localhost with ubuntu + firebase emulator development platform. The score returns 0.1 despite user handled interactions. It was working for months despite no changes on recaptcha code.

ConaxLiu commented 1 year ago

We also received reports that some frustrated users were constantly blocked by reCaptcha V3. I checked their scores and they were receiving between 0, 0.1 and 0.3. Some had tried different browsers with no success. With the information received so far, I suspect it's something to do with the VPN their organisations are using, or the policies configured on their work computer. (One user had indicated that she was blocked by the captcha on her work computer, but was able to progress if using her personal computer.)

rowan-m commented 1 year ago

Closing old issues that are not related to the PHP client code.

brookeherbert commented 1 year ago

We are also out of the blue getting 0.1 scores from legitimate safari users, using the enterprise version. We could try updating the key or action name as others have mentioned, but this seems to be an arbitrary solution. Considering falling back to v2

Chrispybee commented 1 year ago

Personally, it doesn’t matter what you change/workaround, you’ll always end up with users not being able to login due to low scores. Each and every time is to use v2. Not had any issues with it since implementing it.

ConaxLiu commented 1 year ago

Ya, I ended up implementing both V2 and V3, so those that can use V3 continue to enjoy normal login, and those that are blocked by V3 are then presented with V2 images. 😅
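
The V3-then-V2 fallback described in the comment above, sketched as an added example (not code from this thread or from the google/recaptcha library): a server-side decision over a v3 siteverify response body that sends low scores to a v2 challenge instead of blocking, while still rejecting tokens minted for another hostname or action. The threshold, hostname, function name and sample response bodies are assumptions constructed for illustration.

```python
import json

ALLOW_AT = 0.7                 # assumed threshold, tune per site
EXPECTED_HOST = "example.com"  # placeholder for the site's hostname

def decide(raw, expected_action, v2_verified=False):
    """Map one v3 siteverify JSON body to (decision, reason).

    decision is 'allow', 'challenge' (show the v2 widget) or 'reject'.
    v2_verified is True only after a v2 token was verified server-side.
    """
    try:
        resp = json.loads(raw)
    except ValueError:
        return "reject", "unparseable response"
    if not isinstance(resp, dict) or resp.get("success") is not True:
        codes = resp.get("error-codes", []) if isinstance(resp, dict) else []
        return "reject", "token invalid: " + ",".join(map(str, codes))
    # A token minted on another site or for another action is a replay,
    # not a low score, so it never reaches the v2 fallback.
    if resp.get("hostname") != EXPECTED_HOST:
        return "reject", "hostname mismatch"
    if resp.get("action") != expected_action:
        return "reject", "action mismatch"
    score = resp.get("score")
    if not isinstance(score, (int, float)) or isinstance(score, bool):
        score = 0.0  # a missing or malformed score is treated as the lowest
    if score >= ALLOW_AT:
        return "allow", "v3 score %.1f" % score
    if v2_verified:
        return "allow", "v3 score %.1f, v2 challenge passed" % score
    return "challenge", "v3 score %.1f below %.1f" % (score, ALLOW_AT)

# Constructed sample bodies in the siteverify response shape.
GOOD = '{"success": true, "score": 0.9, "action": "login", "hostname": "example.com"}'
LOW = '{"success": true, "score": 0.1, "action": "login", "hostname": "example.com"}'
WRONG_ACTION = '{"success": true, "score": 0.9, "action": "homepage", "hostname": "example.com"}'
EXPIRED = '{"success": false, "error-codes": ["timeout-or-duplicate"]}'

if __name__ == "__main__":
    for name, body in [("good", GOOD), ("low", LOW),
                       ("wrong action", WRONG_ACTION), ("expired", EXPIRED)]:
        print(name, decide(body, "login"))
    print("low + v2", decide(LOW, "login", v2_verified=True))
```

Logging the returned reason alongside the user agent and client network makes it possible to see which populations are being pushed to the challenge path.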

hugopeek commented 2 months ago

> Closing old issues that are not related to the PHP client code.

@rowan-m What is it related to then?