From WHMCS Documentation

Differentiating between humans and bots (computers) is an ever-changing and more challenging task.

As bots and software have become more sophisticated, a common solution was to make the text more difficult to read, which can result in frustrated and lost potential clients. Google's reCAPTCHA set's out to change that. They have created a system that is easy for people, but hard for bots. By using an advanced and more secure risk analysis engine, humans and bots are more effectively differentiated.

The first step in authentication is to ask the user to confirm that they are not a robot by ticking a checkbox. While this sounds simple, Google's risk analysis engine takes a lot into account about how the user came to tick the checkbox, including how the user responds before, during, and after the action. In cases where the engine cannot confidently differentiate, a mobile-friendly verification tool like image selection from a list may be supplied or a CAPTCHA itself.

Google's reCAPTCHA may be enabled by navigating to Setup >> General Settings, selecting the Security tab, choosing the reCAPTCHA Captcha Type radio button, and entering the public and private keys supplied by Google. More information is available here.

Below are some examples of how the reCAPTCHA challenge may be presented to your end users.