EU CAPTCHA for Android

Frequently Asked Questions

• What is an Android CAPTCHA?

  An Android CAPTCHA is a security mechanism that verifies whether a user interaction in your Android app originates from a real person or an automated bot. EU CAPTCHA for Android runs invisibly in the background inside a WebView, requiring no manual challenge from the user while still blocking automated abuse.

• How does EU CAPTCHA for Android work?

  EU CAPTCHA for Android works by loading a JavaScript-based verification widget inside a WebView component. The widget analyzes device and behaviour signals silently, then generates a signed token. Your app sends this token to your backend, which verifies it against the EU CAPTCHA API before accepting the form submission.

• Is there a native Android SDK for EU CAPTCHA?

  Yes. The official EU CAPTCHA Android SDK is available on GitHub and provides a native integration without requiring a WebView. It is the recommended approach for new Android projects. Alternatively, EU CAPTCHA also works through a standard WebView by loading the verify.js script, which works with any Android project regardless of language or architecture.

• Is EU CAPTCHA for Android GDPR compliant?

  Yes. EU CAPTCHA is operated by an EU-based company, is hosted entirely in Germany, and does not rely on US cloud providers or infrastructure subject to US surveillance laws. The service processes only the data necessary to provide and verify the CAPTCHA (such as IP address and technical device information) in line with the GDPR. Your organization remains responsible for providing transparent privacy information, selecting an appropriate legal basis, and obtaining any required consent for your specific Android app implementation. This information does not constitute legal advice; please consult your legal counsel for an assessment of your individual case.

• What types of Android apps benefit most from EU CAPTCHA?

  Any Android app that includes login screens, registration flows, contact forms, checkout pages, or any form that accepts user-submitted data benefits from EU CAPTCHA. It is especially valuable for apps in e-commerce, banking, healthcare, and other sectors that are frequent targets of credential stuffing or spam bot attacks.

• Does EU CAPTCHA affect the user experience in my Android app?

  No. EU CAPTCHA runs entirely in the background without displaying any visible challenge to the user. There are no image grids, audio puzzles, or click tasks. The verification is fully invisible, so your app's user experience remains uninterrupted. Accessibility for users with disabilities is also fully preserved.

• How do I verify the CAPTCHA response token on my backend?

  After the widget generates a token, your Android app sends it alongside the form data to your backend server. The server makes a POST request to the EU CAPTCHA verification API with your secret key and the token. If the API confirms a valid human interaction, the form submission is accepted and processed.