Google Cloud Fraud Defense, the Next Evolution of reCAPTCHA

Jian Zhen Group Product Manager The agentic web — where autonomous AI agents reason, plan, and execute complex transactions using the open web and industry standard protocols — aims to create an autonomous customer experience. While these agents can significantly enhance online interactions, they also introduce new abuse and fraud vectors, creating unique challenges for security platforms. This rise in sophisticated automation requires a fundamental shift in risk management. Today at Google Cloud Next, we are launching Google Cloud Fraud Defense, a trust platform for the agentic web. As the next evolution of reCAPTCHA, Fraud Defense is a comprehensive platform designed to verify the legitimacy of bots, humans, and AI agents, providing businesses with the intelligence needed to secure their digital interactions and commerce. Agentic activity in the Fraud Defense dashboard. As part of our mission to enable a safe agentic web, Fraud Defense introduces a powerful suite of capabilities that allow customers to measure and control agentic activity on their websites. By using the same global signals that protect Google’s own ecosystem, businesses can now enable trusted experiences for both human users and AI agents alike. Creating policies for agentic traffic in the Fraud Defense policy engine. These new capabilities include: - Agentic activity measurement: A new dashboard to help you measure and understand agentic activities. We are integrating with industry standards such as Web Bot Auth and SPIFEE, as well as using traditional methods, to identify, classify, and analyze agentic traffic, and connecting agent and human identities to better understand risk and trust. - Agentic policy engine: To provide you with granular control at different stages of the end user interaction across the entire journey, Fraud Defense’s agentic policy engine allows you to allow and block agents and users based on conditions that include risk scores, automation types, and agent identity. - AI-resistant challenge: As we identify potentially fraudulent behavior from agents, we enable application providers to deter and mitigate malicious requests by requesting humans to be in the loop using the new QR code-based challenge. This AI-resistant mitigation challenge to prove human presence is designed to make automated fraud economically unviable. New QR-code challenge in a shopping website. reCAPTCHA will continue to be the core bot defense pillar of the broader Fraud Defense platform. Existing reCAPTCHA customers are automatically Fraud Defense customers, with no migration required, no action needed, and no change to pricing. Your existing site keys and integrations remain exactly as they are today. The trust platform for the agentic web At Google Cloud, we believe preventing fraud and abuse in the agentic web should fundamentally result in a simpler customer experience. Fraud Defense uses a three-pronged approach to help enable a safe agentic web and drive business growth: 1. Preventing evolving threats We protect your business with the same fraud intelligence that secures many of Google’s services. As threats shift from bot automation and invalid traffic to agent takeover and large-scale, AI-driven synthetic identity fraud, Fraud Defense identifies emerging threats before they reach your site. This unrivaled visibility, built upon a massive fraud intelligence graph that already protects 50% of Fortune 100 companies and over 14 million domains globally, provides a level of collective immunity and verified trust that local data alone can not match. 2. Securing the customer journey Attackers don’t target endpoints in isolation; they target digital journeys. This is even more true in the agentic web as agents are being tasked to perform end to end journeys. Fraud Defense provides a unified view of risk — from registration and login to payment and checkout. By correlating telemetry across the entire lifecycle, our unified trust model identifies complex, multi-stage fraud campaigns that disconnected point solutions miss. This holistic view has demonstrated a 51% average reduction in account takeover (ATO) by accurately distinguishing between legitimate customer activity and sophisticated abuse. 3. Accelerating business growth In the agentic economy, friction kills conversion. Fraud Defense is designed to be invisible for the majority of users, replacing disruptive puzzles with silent background verification. By using our intelligent trust model, we allow you to surgically block malicious bots, humans and agents, while confidently welcoming legitimate users, including AI shopping assistants that drive a projected 25% increase in average order value, according to the 2025 Shopify Retail Report. Learn more about how Fraud Defense works We invite you to join us at Next ‘26 to talk about new capabilities designed to help protect you as you continue your journey on the agentic web. While you’re there, be sure to attend our breakout session and visit our demo pod, where you can see Fraud Defense in action and learn more directly from our experts. We look forward to meeting you there and discussing how we can safeguard your organization’s future in this changing landscape. To take the next step in your journey to the agentic web, please check out the Fraud Defense website and log into the console. You can follow all of our security announcements at Next ‘26 here.