A couple of weeks ago, I read an interesting article by Tim Allen (no, not “Tool Time Tim”) about how having a CAPTCHA on your website could be really bad for business. For those unfamiliar with the term, “CAPTCHAs” are those annoying boxes filled with scrambled letters that you must solve before completing an action. It is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart.”
CAPTCHAs are supposed to stop bots from spamming your website or initiating a DOS attack. More often than not, you’ll see websites employing CAPTCHAs for things like comments on blogs or product reviews on eCommerce websites. Sometimes, though, you’ll even see websites using them during the payment stage – something I recently noticed GoDaddy.com doing.
Now, I certainly understand how stupid it is to make people solve a CAPTCHA right after they have entered all of their payment information (shame on you GoDaddy). After all, what robot is out there buying things (and could you please send it my way)?
Some of the CAPTCHA services create scrambled words that are so difficult to read, you’d swear there was somebody giggling behind a curtain, ready to spring out with the announcement, “You’ve been punked!” I’ve given up plenty of times when trying to comment on a blog article when the CAPTCHA was ridiculously hard to decipher. I’d sure hate to think people were doing that when attempting to place an order!
Of course, many of these spam protection services offer a less than helpful audio CAPTCHA that is supposed to make it easier. If you’ve ever tried to solve an audio CAPTCHA, you’d swear that the computer generated voice is really some space alien speaking underwater through a Kazoo.
I think we can all agree that there is absolutely no reason to make a CAPTCHA part of your checkout process. But, according to Tim, you should avoid using them altogether. He says that having a CAPTCHA anywhere on your website is like a retail store asking every visitor if they are a thief.
Tim Allen cites a 2009 article by Casey Henry that stated that a company could increase their conversion rate by 3.2% by getting rid of CAPTCHAs – and this was back when solving the word puzzle was pretty straightforward stuff. I imagine that with today’s more complicated CAPTCHAs, that conversion increase could be well over 5%.
Although some companies are turning to easier spam fighting methods, like asking visitors to answer a question related to a video clip or answering a simple addition question, that doesn’t solve the real problem, says Tim, which is that you are intentionally creating a barrier between a visitor and the task they are trying to accomplish.
Is it worth it? Does not having a little bit of spam in your inbox mean that it is acceptable to annoy site visitors and potential customers? Probably not, says Tim. If you do decide that you absolutely must have some sort of spam protection, he does offer a couple of less obtrusive solutions:
- Use Akismet – Akismet’s database of known spammers and Boolean filters are very effective at eliminating the majority of spam and don’t interfere with the user experience at all.
- Employ the Honeypot Technique – A “honeypot” is an invisible field that bots will see and fill out but real visitors will never see. Chances are very good that if that invisible field is filled out, it was done by a bot and those results can be filtered out of your Email.
Another method not mentioned by Tim Allen is to use DISQUS (pronounced “discuss”) for blog comments. People simply enter their comment, click on one of the social network buttons that they are a member of like Facebook or Twitter and sign into that social account, which will post the comment for them. Of course, if they don’t have a Facebook or Twitter account that doesn’t solve the problem and it still is a barrier that hinders user experience.
No matter what method you decide to employ, eventually the bad guys will catch up and defeat it. Sometimes it’s better to just to shrug and become very familiar with your DELETE key. That sure sounds better than harming user experience and perhaps even sales, doesn’t it?