Roundtable’s API provides continuous bot and fraud prevention without adding friction for your users. We solve this by combining two independent signal streams:
These streams feed real-time models that generate a single risk score that continuously updates throughout the user session.
Roundtable never records the content of keystrokes and does not use any cookies.
Traditional CAPTCHA products evaluate risk at a single moment and then stop collecting data.
Challenge-based CAPTCHAs (puzzles such as reCAPTCHA v2 or classic hCaptcha) trigger once, usually on form submit. They see only how the user solves the puzzle; after the token is issued, tracking ends until the next challenge.
Score-based CAPTCHAs such as reCAPTCHA v3 or hCaptcha Enterprise run silently on page load or API call and the score you receive reflects that snapshot alone. Any behavior that happens later in the session is invisible.
Roundtable is designed to stay active across the entire user session, with our risk signal improving as the user keeps interacting. If the session spans multiple pages, our tracker can automatically stitch data from each page together, giving you a single uninterrupted view of the session.
For single-page applications (SPAs), place the script tag in index.html
so it loads once and tracks the entire app session. This root-level integration is the ideal way to ensure every interaction is captured.
Beyond SPAs, add the tracker to any pages where you see fraud, spam, or abuse, as well as pages that sit immediately upstream:
As long as the user remains in the same tab, Roundtable keeps a stable session ID — even across route changes in an SPA or full navigations to separate pages — by persisting the ID in sessionStorage
. We use this ID to continuously stich the session data together and give you an up-to-date risk score at any point during the session.
Next steps: see our Integration Guide for more details on adding our tracker to your app or page.