Enable reCAPTCHA to Protect Against Automated Abuse
We have decided to enable Google's reCAPTCHA to protects you against spam and other types of automated abuse from making verification requests, especially using SMS or WhatsApp as it will cause you to lose money from sending these messages.
reCAPTCHA is now available for the JavaScript SDK. We are using invisible Google reCAPTCHA v2. This means that the reCAPTCHA prompt will be automatically triggered when the user press "Login", and if Google has suspicions about this request, it may prompt the user to solve some puzzle. Here's how it looks:

reCAPTCHA using Cotter's JS SDK
Go to Settings > Branding > Magic Link Form or OTP Verification Form > Phone Number

Captcha settings can only be enabled for Phone Number verification
Option 1: Set the container
div
to at least 530px
high, 300px
wide.<div
id="cotter-container-signup"
style="width: 300px; height: 530px"
></div>
Option 2: Allow scrolling.
<div
id="cotter-container-signup"
style="overflow: scroll; width: 300px; height: 300px;"
></div>
Under Rules, turn on Captcha Required:

Require Captcha for Email/Phone Number verification
Note that any verification request for email/phone number will require a valid reCAPTCHA token.
To test how reCAPTCHA looks like:

Inspect Element > Toggle Device Toolbar

Select from the Dropdown and click Edit

Add a custom device called Googlebot/2.1
From now on, if you're using this emulated device, you will be prompted to solve the reCAPTCHA.