As any IT admin knows, inventory work is tedious but necessary. Recently, I was using Apple's coverage check portal to manage AppleCare plans. The portal only lets you paste one serial number at a time. For each serial number, you also have to solve a CAPTCHA.
That is not good enough for a high-volume administrative workflow. There should be an API with rate limits, or at least an authenticated endpoint that lets verified users do the work without repeated visual challenges.

So I gave the task to an AI agent. At first, the agent pushed back: there was a CAPTCHA in the way. After more prompting, it completed the workflow anyway. It checked the list and moved through the portal without the repeated human friction the page was designed to impose.
That experience made the shift obvious. CAPTCHAs are no longer reliable as a primary bot defense. They still create friction, but the friction lands hardest on real users and operational teams. Modern automation can solve, route around, or adapt to the challenge.
## The bot ecosystem won the CAPTCHA arms race
The ecosystem around CAPTCHA bypass is mature. Attackers do not solve the challenge the way you want them to. They automate it, outsource it, or avoid it.
A 2024 study from researchers at ETH Zurich found that their system could solve Google's reCAPTCHAv2 with 100% accuracy. Cloudflare's 2025 Radar review also reported that AI "user action" crawling increased by over 15x in 2025. That category covers crawlers visiting websites in response to a user action or prompt, which is much closer to browser-driven task execution than old bulk scraping.
Visible anti-bot components are easy for automation to detect. Once a bot knows a CAPTCHA is in the way, it has a clear next move: slow down, change infrastructure, send the task to a solver, or retry through a different browser profile.
## Why visible bot defenses backfire
The moment a bot sees a CAPTCHA, it learns that it has been flagged. That predictability is the problem. The defense announces itself and tells the attacker where the wall is.
This creates a training loop. The bot changes its fingerprint, adjusts timing, rotates proxies, and tries again. Every visible signal you emit becomes feedback for the next generation of bypass tooling.
That does not mean every challenge is useless. It means visible challenges should not be the primary control. They work best as one step in a broader risk response, triggered only when the session already looks suspicious.
## The better strategy is wasting attacker resources
If blocking bots at the front door is no longer enough, the better strategy is to waste attacker resources.
Instead of throwing up an obvious wall immediately, let suspicious sessions spend effort. Let them move through parts of the flow. Let them consume their own compute, proxy capacity, account inventory, and time. Then limit, degrade, or drop the session once your confidence is high.
The asymmetry matters. Your cost to serve one fake session is often low. Their cost to run thousands of fake sessions with browser automation, paid proxies, solver services, and retries is real. Every wasted cycle increases the operating cost of abuse.

## A flight-booking honeypot example
Imagine you run a flight booking platform. Visitors select flights, add passenger names, and move through checkout. Near the final step, your telemetry shows the session is not a normal customer. It looks like a price scraper or automated purchasing workflow.
You do not have to block it with a CAPTCHA at the first page. You can change the response.
Change the language. Show an unusual currency. Hide the final price behind a contact step. Require re-authentication. Offer one price during the automated flow, then show the real human price only after stronger confidence signals appear.
The scraper reports back polluted data. Your real customers still see the correct experience. You have not trained the bot with an obvious challenge. You have made its output less useful.
| Tactic | What it does to automation | What it does to a human |
|---|---|---|
| Language switch mid-flow | Breaks assumptions in scraper logic | Minor inconvenience at worst |
| Unusual currency | Pollutes extracted price data | Usually invisible to real checkout |
| "Contact us" at final stage | Forces manual interaction | Signals bespoke or higher-risk handling |
| Re-authentication gate | Adds cost per session | One extra step for a real user |
| Delayed price reveal | Wastes the automated journey | Preserves the normal buyer path |
## The power of "contact us"
If you sell a service or configurable product, do not reveal every commercial detail at the first step. Ask for information throughout the flow, then reserve the final quote for the moment when you have enough confidence in the visitor.
"Contact us" is not just a sales motion. In high-risk flows, it can be a fraud control.
It means you still want the business, but the session needs a human touchpoint first. Make the visitor pick up the phone, use WhatsApp, send an email, authenticate, or speak with sales. Each step adds evidence that you are dealing with a real person or a real buying process.
## Accept the right amount of friction
Some teams hear this and worry about conversion loss. That concern is valid. Friction applied broadly is expensive.
The answer is not to make every visitor work harder. The answer is to apply friction selectively. Fraud and abuse already create operating costs through payment fraud, first-party misuse, card testing, account abuse, and support load. The MRC 2026 Global eCommerce Payments & Fraud Report tracks these as recurring fraud and payment problems for merchants.
If a contact wall costs a small amount of legitimate conversion but blocks a high-cost automated abuse path, that trade can make sense. The key is precision. Put friction where the risk is, not where every normal visitor starts.
## What to do instead of relying on CAPTCHAs
Move from visible challenges to browser-layer evidence and adaptive response.
Start with these steps:
- Monitor browser, device, network, and behavioral signals throughout the session
- Classify traffic by intent and risk, not just by "bot or human"
- Apply progressive response: allow, monitor, degrade, require contact, re-authenticate, or block
- Avoid showing obvious challenges too early in the flow
- Measure abuse cost, false positives, and conversion impact together
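The degradation tactics from the flight-booking table and the progressive-response steps just listed, combined into one small policy. This is an added example, not cside's code or any product API: the signal names, weights, thresholds, stage names and the ISK exchange rate are all constructed for illustration. The point it makes in code is that the decision depends on where in the flow the session is, so nothing visible is shown before the last step, and the quiet options (currency and language switch, contact wall, re-authentication) come before a block.

```python
"""Risk-tiered response for a booking flow (added example; constructed signals and weights)."""
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Action(Enum):
    ALLOW = "allow"
    MONITOR = "monitor"            # serve normally, keep collecting evidence
    DEGRADE = "degrade"            # quiet changes: currency/language switch, delayed price
    CONTACT = "require_contact"    # hide the final quote behind a human touchpoint
    REAUTH = "reauthenticate"      # make a logged-in session prove itself again
    BLOCK = "block"                # only at the last step, only at high confidence


@dataclass
class SessionSignals:
    webdriver_flag: bool = False      # automation marker exposed by the browser
    headless_hints: int = 0           # count of headless/virtualised-environment inconsistencies
    datacenter_asn: bool = False      # egress IP belongs to a hosting or proxy ASN
    pointer_events: int = 0           # mouse/touch events observed across the session
    seconds_in_flow: float = 0.0      # wall-clock time since the first page
    pages_visited: int = 0
    authenticated: bool = False       # session is tied to a logged-in account


def risk_score(s: SessionSignals) -> float:
    """Additive score in [0, 1]. Weights are constructed, not calibrated values."""
    score = 0.0
    if s.webdriver_flag:
        score += 0.4
    score += min(s.headless_hints, 3) * 0.1
    if s.datacenter_asn:
        score += 0.2
    # Behavioural signals only count once the session has a few pages of history.
    if s.pages_visited >= 3 and s.pointer_events == 0:
        score += 0.2
    if s.pages_visited >= 3 and s.seconds_in_flow < 2.0 * s.pages_visited:
        score += 0.2
    return min(score, 1.0)


def decide(score: float, stage: str, authenticated: bool) -> Action:
    """Map a score to an action, stage-aware. Stages: "search" -> "passenger" -> "checkout"."""
    if score < 0.2:
        return Action.ALLOW
    if score < 0.4:
        return Action.MONITOR
    if stage != "checkout":
        # Suspicious but unconfirmed: no visible challenge yet, just change what it sees.
        return Action.DEGRADE
    if score < 0.6:
        return Action.DEGRADE
    if score < 0.8:
        return Action.REAUTH if authenticated else Action.CONTACT
    return Action.BLOCK


@dataclass
class Quote:
    status: int
    price: Optional[float]
    currency: str
    language: str
    message: Optional[str] = None


ISK_PER_USD = 138.0  # constructed rate for the illustration, not a live exchange rate


def build_quote(action: Action, real_price_usd: float) -> Quote:
    """Render the final-step response the session actually receives."""
    if action in (Action.ALLOW, Action.MONITOR):
        return Quote(200, real_price_usd, "USD", "en")
    if action == Action.DEGRADE:
        # Same fare in an unusual currency and language: fine for a human,
        # useless to a scraper whose parser assumes USD and English.
        return Quote(200, round(real_price_usd * ISK_PER_USD, 0), "ISK", "is")
    if action == Action.CONTACT:
        return Quote(200, None, "USD", "en", "Contact us to complete this booking.")
    if action == Action.REAUTH:
        return Quote(401, None, "USD", "en", "Please sign in again to continue.")
    return Quote(403, None, "USD", "en")


def handle_final_step(signals: SessionSignals, stage: str, real_price_usd: float) -> Quote:
    """Full pipeline: signals -> score -> stage-aware action -> response."""
    action = decide(risk_score(signals), stage, signals.authenticated)
    return build_quote(action, real_price_usd)


if __name__ == "__main__":
    human = SessionSignals(pointer_events=40, seconds_in_flow=180.0, pages_visited=3)
    bot = SessionSignals(webdriver_flag=True, datacenter_asn=True, pages_visited=3, seconds_in_flow=3.0)
    print(handle_final_step(human, "checkout", 420.0))   # real price, USD
    print(handle_final_step(bot, "search", 420.0))       # degraded, not blocked, early in the flow
    print(handle_final_step(bot, "checkout", 420.0))     # 403 only at the last step
```

The same automated session gets a degraded response at the search stage and a block only at checkout, which is the asymmetry the article describes: the bot spends its proxy and compute budget walking the whole flow before the decision is revealed. The weights and thresholds are the part you would replace with measured values, tracked alongside false positives and conversion impact as the last step above says.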
cside AI Agent Detection and cside Fingerprinting help teams see the browser-layer signals that legacy bot defenses miss. That includes stealth automation, proxy abuse, virtualized environments, suspicious session continuity, and AI-agent behavior inside real browser flows.
CAPTCHAs are not dead because every challenge fails every time. They are dead as the default answer. The modern defense is quieter, more selective, and more expensive for the attacker.
Book a demo to see how cside detects risky browser sessions before they reach sensitive flows.