For me I find hCaptcha harder and more ambiguous than what I have experienced with reCaptcha.
The ambiguity might be because my phone is set to Japanese. I got asked to identify 電車 (Densha, electric train), but there were also images of diesel train. Is it translation error, or is it really asking me to identify electric train? (The correct term for train in general in Japanese is 列車 ressha)
I don't think you can? That repo has the translations of the strings used by the "meta"-part of the service, stuff like "accessibility information". I can't see any text used by the actual tasks.
Far, far superior to reCaptcha from a user's perspective using Tor. I can solve a few puzzles with hCaptcha and I know I'll get through and see the content. With reCaptcha I might solve 3 puzzles and then get denied anyway, or I might solve 10 puzzles with no end in sight and give up.
Not sure if I'm seeing patterns in noise, but with recaptcha I felt that timing and mouse movements are just as important as clicking the right images. It feels like solving the puzzle quickly and using minimal mouse movements has a higher chance of being denied compared to waiting some time between clicks and adding some superfluous mouse movements.
But also far superior to reCaptcha from a bot's perspective using Tor. Don't get me wrong: I also hate solving a gazillion captchas only because I'm using a VPN or get outright denied because my IP address happens to be a Tor exit node. At the same time you have to acknoledge that captchas don't stop bots, only slow them down or increase their operating costs. People in third world countries happily solve one image recognition challenge by Google or hCaptcha for far less than a penny. If Google's goal is to drive the costs up for malicious bot operators, then they're definitely doing the right thing. In the end, it won't stop them either since buying a couple thousand infected computers is probably not that expensive, but it is yet another stepping stone for anyone trying to bypass their captcha.
BotStop by hCaptcha (enterprise). AFAIK there's also a Google reCaptcha frontend that doesn't require JS. Neither companies offer those solutions because of privacy or security benefits, but to support old IE versions of course.
Personally I find it much more difficult than recaptcha. The tests themselves aren't much worse but since I have a Google account HCaptcha shows up more frequently.
Small price to pay to prevent Google from having tracking scripts and metrics on users of every major website. hCaptcha at least somewhat values user privacy.
We switched a couple of months ago. Integration wasn't more or less difficult, works alright with our test suite. Some users feedback "Why do I have to identify boats?" but otherwise we found no difference number of blocks or user behavior.
Dislike it, to say the least. Since it doesn't seems to remember that I'm a human (reCpatcha did), now I have to constantly solve captchas on CF sites.
With hCaptcha (enterprise ver) this is entirely under the control of the customer.
We're not "remembering" in the same way, but have good enough instantaneous scoring to correctly guess whether or not a challenge is required most of the time.
Some customers may disable that option to meet their requirements. Not much we can do about that :)
It's been terrible, when Cloudflare switched to hCaptcha it not only broke our app but it seems every time they make a change it breaks something else. We might be a special case but it's hard to say since all they say it's "quirks" and they keep making changes without announcing anything.
I really don't like it. They are generally harder and if I visit a CF site multiple times, I have to solve them multiple times. Even if this is up to the customer, it's annoying and should be discouraged.
I didn't mind solving a reCaptcha once, I mind forcing myself through these every 10 minutes.
It is more annoying than reCAPTCHA if you don't aggressively block tracking. because I rarely need to solve it manually in reCAPTCHA, while it is not the case with hCaptcha.
