We pride ourselves on being CAPTCHA experts. It’s what we do, so we try to keep up with emerging industry trends as much as possible.

With this in mind, it’s with amusement (and concern) that we’ve noticed an interesting trend on Twitter this week. It appears that reCAPTCHA’s “No CAPTCHA” challenge has replaced the “check box” solution by instead resorting to a #CABBAGE test.

Why cabbage? Are cruciferous vegetables now a secret weapon to fight spammers? The hidden algorithms must have settled on this green leafy vegetable for a reason…

What we are certain of is that the challenges presented are hard. Have a look for yourself and see if you can pick the cabbage, and only the cabbage!


To get a picture of just how often this is happening, simply scroll through the Tweets about reCaptcha cabbage.

The idea of a simple “tick the box” CAPTCHA solution, in theory, was great. The problem arises when more and more people start to get presented with the second step involving ambiguous images.  This is reminiscent of the same major usability issue that the original reCAPTCHA had – auto-generated challenges are often too difficult for humans to solve. When the object of the test is to easily advance humans, but stop bots – you simply must provide a challenge that is easy for humans, or site usability & conversion suffers.

But who are we to argue with innovation? To stay ahead of the game it was obvious that we needed our own super-food version of human verification.

So behold, the FunCabbcha. You’re welcome Internet.

Click Verify to play #FunCabbcha and prove you’re not a Cabbage.


Our aim is to be the premiere CAPTCHA alternative and what better way to do that than by providing a plugin for two of the most popular Content Management Systems available? Joomla and Drupal have both made a name for themselves with their easy to use formats and extensibility, with millions of websites already relying on both.

Installing FunCaptcha onto either CMS is a breeze, with detailed instructions via our setup page. So, if you’re creating websites using Joomla! or Drupal and needing a CAPTCHA alternative for your outdated CAPTCHA – we’re ready and waiting!

About Joomla!

Joomla is an award-winning content management system (CMS), which enables you to build Web sites and powerful online applications. Many aspects, including its ease-of-use and extensibility, have made Joomla one of the most popular CMS’ available. Best of all, Joomla is an open source solution that is freely available to everyone.

About Drupal

Drupal is open source software maintained and developed by a community of over 1,000,000 users and developers. It’s distributed under the terms of the GNU General Public License (or “GPL”), which means anyone is free to download it and share it with others. This open development model means that people are constantly working to make sure Drupal is a cutting-edge platform that supports the latest technologies that the Web has to offer. The Drupal project’s principles encourage modularity, standards, collaboration, ease-of-use, and more.

Our founder and CAPTCHA expert Matthew Ford elaborates on what spam posting is, how massive companies like Blizzard still suffer from it and how these websites can stop it – not with annoying letters (or secretive black boxes), but with skill.

FunCaptcha is the only company dedicated to providing an interactive and engaging mini-game style CAPTCHA service that also completely stops spam posting. We can even generate revenue – if you’re into that sort of thing.

Watch the above, try us out or even sign-up from our homepage in a few easy steps.

Did you know that FunCaptcha is the only company in the world that is 100% focused on improving human verification via CAPTCHA? We really are the CAPTCHA experts!

With great power comes great responsibility, so one of our founders, Matthew Ford has taken it upon himself to solve the world’s CAPTCHA problems one video at a time.

First up, he explains a topic we’ve briefly touched on: why and how bots are getting through traditional text CAPTCHAs – a problem that’s easily solved by switching to FunCaptcha.

On Saturday morning, Matt Ford and I visited the place where FunCaptcha was first envisioned – Startup Weekend at River City Labs. It’s a great event where entrepreneurs can create a business in one weekend with the guidance of investors, mentors and experienced developers.

Whilst there, we were lucky to meet Australia’s Prime Minister, Tony Abbott! The PM was visiting the competition in an effort to better understand startups, their culture and the importance of their success for Australia’s economy.

Founders Kevin Gosschalk and Matthew Ford meeting with Prime Minister Tony Abbott

We spoke at length with Mr Abbott about how we’re protecting websites internationally and generating revenue for publishers who integrate our CAPTCHA software. He was intrigued with FunCaptcha’s unique gamified approach to security and loved hearing that federal initiatives like Entrepreneurs’ Infrastructure Programme and Accelerating Commercialisation have helped to establish our business.

We’re glad that the government is increasing focus on assisting the startup community. Because without receiving such help, and assistance from forward thinking investors like Richard Moore & Bruce Stubbs at R&R Strategic – our journey as a startup would have been much more difficult. I’m humbled by the level of success my team at FunCaptcha has achieved so far and feel that more innovative Australian startups deserve the same opportunities.

So thanks Tony, it was great to meet you. And thanks to everyone that continues to contribute to the FunCaptcha story.

Kevin Gosschalk
Co-Founder & CEO

If you’ve used the Internet for any decent amount of time, you’ve probably seen or experienced “spam”. It may have been as a forum moderator, a user or even as the owner of a website. Nearly every internet user at one point has experienced or seen “spam”. But what exactly IS “spam”?


Many believe spam is just unwanted emails that are banished to the “junk” folders of their inboxes. This isn’t entirely true: spam emails are actually a small part of what makes up a much larger definition. Internet communities, a.k.a “forums”, are often the biggest targets for “spammers”. This is because millions of internet users all over the globe use them every day. It’s a big problem and even the biggest companies in the world can be at the mercy of persistent spammers. For example: Battle.net, Blizzard’s online gaming portal and community hub, has been seeing a large spike in spam, as you can see below.


Blizzard’s English Hearthstone community under siege from Korean spammers.

Spammers, like those pictured, have one goal: get their unsolicited information in front of you by any means necessary. They’ll use software to break through bad CAPTCHAs, bots to automatically fill up petitions and even use software to auto-vote on community ballots. There’s a big difference between honest marketing and advertising practices and the malicious acts spammers carry out every day.

Paying to have your brand’s advertisement occupy the banner of a website? Great! It’s the same as a billboard: it’s a space dedicated to advertising a product and if done correctly, doesn’t intrude on a user’s experience.

Making thousands of fake accounts and completely filling up a forum’s message boards, effectively rendering them useless? Not great. It means the community can’t act as a community should, the forums begin to lose their user base and a community hub without a community is pointless.

This is one of the major reasons FunCaptcha exists today. We aim to protect communities all over the world from spammers and their nasty ways. We love participating in communities, so why would we want to see them filled with malicious links, fake ads and unsolicited offers?


On the 20th of June, an anonymous person decided to “break” Uber’s petition site. They then automated a process which resulted in over 100,000 fraudulent signatures in under 3 hours, effectively rendering the petition useless. The second step could have been avoided if they were using FunCaptcha.

It’s important to note that the first step, the actual breaking of the website through code exploits, isn’t something FunCaptcha (or any other CAPTCHA service) is designed to prevent. The information fields (First Name, Last Name etc) accepted any form of input. This allowed the anonymous vigilante to break the web page and even direct future visitors to Uber’s competitor, Lyft. Not cool right?

The perpetrator then listed what other malicious acts could be carried out through exploitation of the weakness:

Screen Shot 2015-06-23 at 2.28.57 pm

Pretty serious stuff. However, this post isn’t about the HTML exploits. Instead, we’re looking at how 100,000 signatures were signed up within 3 hours because the petition didn’t have anything in place to verify if that the signatures were submitted from a genuine source.

This is something FunCaptcha specializes in: we ensure that all activity through petitions, contact forms and surveys is genuine. If it isn’t, websites start to see Non-Human Traffic, which skews the results, leading to uninformed decisions and a misunderstanding of what your users or fans want. No-one, especially businesses, likes to waste their time and money – but without a secure method of verification, that’s exactly what happened to Uber in this case. Don’t worry Uber, we still love your friendly drivers and minty refreshments.

Simply put: if you plan on setting up a petition, a contact form or a survey – use FunCaptcha and avoid the headache that spammers cause. It’s why we’re the CAPTCHA of choice on Care2.com, one of the world’s largest petition sites.

Incoming Bot

The purpose of a CAPTCHA is simple: protect a website from malicious attacks (i.e. spammers) by being difficult/impossible for bots but easy enough to let humans through. But what happens when the most commonly used CAPTCHA service can be solved with 97%+ accuracy by the very bots it was designed to beat?

For over a decade, text based CAPTCHAs have been the popular choice for this task. They grab a word (usually English), warp it into a shape not commonly seen and then ask users to type the words they see. Some text CAPTCHAs even use a random assortment of letters and numbers in an attempt to hinder the bots even more. The issue? Programs that utilize Optical Recognition Software, known as OCR, read the distorted text and allow bots through to websites that relied on the security service to prevent that very thing happening.


This, unfortunately, is a common problem. By design, text CAPTCHAs have a shelf life – in order for them to remain difficult for bots, they have to become increasingly harder for humans. It appears that we’ve reached the ceiling for text CAPTCHA effectiveness, which is a big motivation for our creation of FunCaptcha.

The internet was built on innovation and that’s exactly what we’re doing with FunCaptcha – innovating an area of web security that sorely needs it.

Update: watch co-founder and CAPTCHA expert, Matthew Ford, go into detail on this topic in our new video series!

If you’ve been using the Internet at any time in the past 15 years, there’s a good chance you’ve completed a CAPTCHA.

Why do they exist?

Unfortunately, not every person on the Internet has good intentions. People can use software to sign up accounts to websites, then use these accounts to perform malicious acts on the website. What these acts are depends on the website. Forums and online communities get filled with inane comments and “spam”, with links to viruses, scams and other dodgy areas of the internet. Comment sections on news website get filled with the same thing. By placing a CAPTCHA in front of these areas, it acts as a gate to prevent automated harassment. No dishonest or malicious people would mean no need for CAPTCHAs.

Why are they so difficult?

The idea behind the CAPTCHA was initially sound. Create images that only humans could solve by utilizing the advanced recognition ability of the human brain. Computers couldn’t solve it – yet. Time went on and OCR (Optical Character Recognition) software got better, bots started breaking through, which meant the CAPTCHAs needed to get harder. See where this is going? This method of CAPTCHA means that the harder they make it for bots, the harder it gets for human.

Bad for business

In a previous blog post, we explained where traditional CAPTCHAs came from, how they’ve developed and that they’re solved over 300,000,000 times a day. While they are necessary, traditional text/image based CAPTCHAS (like the image above) have become so distorted that solving them has become annoying – and an annoying task completed so many times each day can lead to frustrated users.  What was supposed to have stopped bad people has ended up just stopping people entirely. The industry average solve rate of a traditional CAPTCHA is just 75%, which means 1/4 of potential users are leaving out of frustration. That’s simply bad for business.

How can you fix it?

It’s simple – download FunCaptcha. Our innovative approach to CAPTCHA security ensures bots won’t break through, your users won’t be frustrated and your website won’t have ugly, distorted letters ruining the experience.


adtech x fc

ad:tech San Francisco is right around the corner, and FunCaptcha will be there!

ad:tech, as they say themselves, “is a conference and exhibition where the marketing, technology and media communities come together to share new ways of thinking, build strong partnerships, and define new strategies to address the key industry challenges and opportunities.”

We’re looking forward to hearing some great speakers talk about how online ad technology is improving and evolving. And of course – enjoying the networking functions in the great city of San Francisco!

Our calendar is filling quickly but please get in touch if you’d like to meet up, we’ll be in town all week.

Our Clients