# Adding CAPTCHA Websites often face attacks aimed at exploiting their features for illegal purposes. In online payments, attackers often attempt to validate stolen credit card numbers or guess CVV codes by sending high volumes of automated requests mimicking human behavior. To mitigate such threats, many merchants use CAPTCHA tools designed to distinguish real users from bots through challenges or behavioral checks. There are several implementations, with the most prominent being [Google reCAPTCHA](https://www.google.com/recaptcha/about/). ## Hyp's CAPTCHA support At Hyp, we support the following CAPTCHA implementations: * Google reCAPTCHA v2 (default) * Google reCAPTCHA v3 * Cloudflare Turnstile With Google reCAPTCHA v2, we use the invisible mode (reCAPTCHA v2 Invisible), which avoids the "I'm not a robot" checkbox and keeps the payment page UX seamless. When a customer clicks **Pay**, CAPTCHA runs a risk analysis to decide whether to show a visual challenge or approve the request immediately. Hyp processes the transaction only after CAPTCHA either approves the request or successfully validates the challenge. The visual challenge looks like this when Google reCAPTCHA v2 is enabled: ![Google reCAPTCHA v2 challenge](/files/WetoQ5EqO5ED2GkAZ4fP) Here are a few things to note before requesting to enable CAPTCHA: * Hyp cannot influence CAPTCHA results. It also cannot control whether a visual challenge appears to users. * Although CAPTCHA is widely used, some users may struggle with visual challenges, potentially leading to abandoned transactions. * If CAPTCHA is unavailable, Hyp bypasses it and processes transactions without verification. * For [payment pages in iframes](/enterprise/payment-page-integration/full-page-redirect-vs-iframe-based-integration.md), ensure minimum dimensions of 580 (height) by 400 (width) pixels to display the CAPTCHA challenge properly. ## Enabling CAPTCHA CAPTCHA is disabled by default. If you want to enable it, [contact Hyp support](mailto:cg-support@hyp.co.il). The default implementation is Google reCAPTCHA v2, but if you prefer a different implementation, please inform the support team. CAPTCHA is enabled per merchant ID (MID) and becomes available on all terminals related to this MID. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://developers.hyp.co.il/enterprise/payment-page-integration/captcha.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.