Re: Integrating google invisible reCaptcha to a Marketo form

Grégoire_Miche2 · ‎03-15-2017

Hi All,

Google recently launched a new captcha under the name of "invisible reCaptacha". See here for the details on the integration.

Has anyone looked into integrating it with Marketo forms?

Also google proposes a way to verify the user's response from the backend. It this a mandatory step? It apparently takes an additional field and a webhook call.

I am not sure I like it if I need to check every form submission in the back end, instead of simply blocking the submission from the front end...

-Greg

SanfordWhiteman · ‎03-15-2017

Greg, you *have to* verify Captcha entries on the back end -- this is mandatory for all old Captcha technologies and all new ones. Without this step you're not stopping anyone from forging a successful result.

We use the invisible variant same as the previous "I am not a robot" style. Should be noted that some people will still get a visible challenge, as always.

View solution in original post

Anonymous · ‎11-28-2017

I`m trying to insert the recaptach and it`s not working. I`m not sure if this is related to the fact that we don`t have the SSL set up on our Marketo Landing pages. Can you clarify me on this?

SanfordWhiteman · ‎11-28-2017

SSL isn't your problem. You'll have to include a URL so we can look at your code.

Grégoire_Miche2 · ‎10-17-2017

Hi Sanford Whiteman,

How do you integrate the invisible recaptcha with a Marketo form ?

-Greg

SanfordWhiteman · ‎10-17-2017

Same as for the v2 reCAPTCHA (easier, actually, since you don't need to make space for the widget itself inside the form). Bind grecaptcha.execute() to the form's .onSubmit().

Marketo_Team · ‎10-28-2017

Hi Sanford Whiteman,

When you write "bind", do you mean simply adding the following line of code to the onSubmit():

grecaptcha.execute()

Or would you recommend that we do it as in your codepen exemple and manage the Onvalidate ?

-Greg

SanfordWhiteman · ‎10-28-2017

You could do it in either event, but semantically the invisible version fits better in onSubmit, I think.

Luke_Richardso1 · ‎11-08-2017

Hi Stanford,

Do you know if it's true you need your Marketo forms to be served over HTTPS in order to activate the new Invisible captcha?

SanfordWhiteman · ‎11-08-2017

I'm not aware of that restriction, but I only use SSL pages. Where are you getting that from?

Luke_Richardso1 · ‎11-08-2017

Invisible reCAPTCHA | reCAPTCHA | Google Developers

right here^

It mentions HTTPS protocol below the binding to the button code snippet. We currently don't have SSL set up on our Marketo served landing pages.

SanfordWhiteman · ‎11-08-2017

"The script must be loaded using the HTTPS protocol" refers to how you load the api.js.

Grégoire_Miche2 · ‎10-18-2017

Thx

SanfordWhiteman · ‎03-15-2017

Greg, you *have to* verify Captcha entries on the back end -- this is mandatory for all old Captcha technologies and all new ones. Without this step you're not stopping anyone from forging a successful result.

We use the invisible variant same as the previous "I am not a robot" style. Should be noted that some people will still get a visible challenge, as always.

Grégoire_Miche2 · ‎03-15-2017

Hi Sanford,

Thx

-Greg