OctoGateAI

Verify humans.
Read what you can't
screenshot.

A word is moving in the dots below. Humans see it in about a second. Frontier AI models — given screenshots, frames, even full video — read the decoy and miss the message.

> Try it

Type what you see.

You've solved 0 · Stored in this browser (demo counter)

~1s
Human solve time
Median, first try, no reveal
0/N
Documented AI solves
Unprompted, without being told the technique
~15KB
Widget bundle
Vanilla JS, canvas 2D, zero dependencies

Why this works

> Humans pass fast

No distorted letters, no fire hydrants. The moving word pops out of the noise in under a second, at any age and reading level.

> Screenshots are empty

Pause the challenge or download a frame: a frozen image is statistically flat noise. There is no glyph to OCR, so vision-model attacks return nothing.

> Decoys punish analysis

A near-static decoy word hides in every challenge. Agents doing frame analysis find it, answer confidently — and answer wrong. Motion vectors randomize per challenge.

Frontier models, on the record

We feed every challenge to leading models and publish the transcripts — the guesses, the hallucinated decoys, the reasoning chains that end in the wrong word.

Sample layout — replace with documented runs before launch.

Model
GPT-5
Verdict
— run pending —
Model
Claude Opus 4.7
Verdict
— run pending —
Model
Gemini 2.5 Pro
Verdict
— run pending —
Model
Grok 4
Verdict
— run pending —
Model
Llama 4 Behemoth
Verdict
— run pending —
Model
DeepSeek R2
Verdict
— run pending —

Drop in the snippet

Two elements on the customer page. One siteverify call from your backend to redeem the token. That's the whole surface.

> On the customer page
<script src="https://octogate-backend-production.up.railway.app/widget/v1.js" async defer></script>

<div class="octogate"
     data-sitekey="ogk_..."
     data-api="https://octogate-backend-production.up.railway.app"
     data-theme="dark"></div>

<script>
  window.OctoGateAI.onSuccess = function (token) {
    document.getElementById('captcha_token').value = token;
    document.getElementById('signup_form').submit();
  };
</script>
> Your backend redeems it
POST https://octogate-backend-production.up.railway.app/api/siteverify
Content-Type: application/json

{
  "secret": "ogs_...",
  "token":  "<token from widget>"
}

// → { "success": true, "kind": "success", "issued_at": ... }

Bleeding from AI-generated abuse? Let's talk.

Design partner slots open. If your signup, comments, or forms are getting flooded by AI-driven traffic, we want to hear about it.