reCAPTCHA v3 from Google helps you detect abusive traffic on your website without any user interaction compared to reCAPTCHA v2 which requires users to either tick a confirmation box or spend time to select images to prove that they are a real person and not a bot.
We have used the version 2 reCAPTCHA on clients websites and our own or many years but are now converting them to use the new reCAPTCHA v3 version to make it easier for real website visitors to contact the businesses.
The largest difference between reCAPTCHA v3 and v2 are the lack of visitor interaction and the new reCAPTCHA v3 returns a score between 0 and 1 for if it thinks the submission is a bot or human.
Any response over 0.5 is classified as likely to be a human and below this threshold it is likely to be a bot or spam submission.
Google have basic instructions on developers.google.com/recaptcha/docs/v3 for adding the reCAPTCHA v3 to your web pages but they don’t have any server side demo code for you to validate the response and process the form submission as needed.
Using existing code and other code snippets I found online, I wrote a simple C# class which adds the nessarry code to as web page and then validates the response from the reCAPTCHA v3 server and returns an object containing the returned data.
Download the C# class and demo form from github.com/briandorey/google-recaptcha-v3-c-sharp-example and copy GoogleRecaptchia.cs into the App_Code folder on your website project.
Next you need to create a site profile on www.google.com/recaptcha/admin/ which will generate the reCAPTCHA keys.
You will be given a Site Key and a Secret Key which will need to be added into the GoogleRecaptchia.cs on lines 17 and 18
The class uses Newtonsoft.Json from www.newtonsoft.com/json to parse the JSON response from reCAPTCHA and you can install this using the package manager in Visual Studio with the following command in the Package Manager console:
You need to add a hidden input field which is used to pass the token from reCAPTCHA back to the server side code which needs to be added within your form tags.
<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response" />
On your web form you also need to add Jquery for the client side code which you can download from jquery.com
After your Jquery script link you need to add an asp:Literal which is used for the client side code on the page:
<asp:Literal ID="LitGoogleJS" runat="server"></asp:Literal>
In your code-behind file or in the .aspx page you need to add the following to create the GoogleRecaptchia object:
GoogleRecaptchia gr = new GoogleRecaptchia();
In the Page_Load function add the following to insert the client side code:
protected void Page_Load(Object Src, EventArgs E)
LitGoogleJS.Text = gr.GenPageCode();
On the form submission function, you can call the validation using:
// create an empty string for any error messages
string errorMessage = string.Empty;
// validate the submission
ReCaptchaResponse returnval = gr.ValidateReCaptcha(ref errorMessage);
// is the ReCaptcha true or false
bool isValidCaptcha = returnval.Success;
To view the show the ReCaptcha score use:
If there are any errors with the validation these will be returned in the errorMessage string.
The full form example and class can be downloaded from GitHub at https://github.com/briandorey/google-recaptcha-v3-c-sharp-example
Google Logos from https://commons.wikimedia.org/