Hi,
I have successfully added the reCAPTCHA widget to the lead submission form after registering domain and receiving a public and private key pair. (Documentation: https://help.salesforce.com/articleView?id=customizesupport_web_to_case_enable_recaptcha.htm&type=0&language=en_US&release=206.9)
Spring'17 release note: https://releasenotes.docs.salesforce.com/en-us/spring17/release-notes/rn_sales_web_to_lead_recaptcha.htm

During testing this functionality, I observed that an individual can bypass the recaptcha and submit the form. There's no validation that requires the user to click "I'm not a robot" in order to post the data.

My question is:
How is the "Verifying the user's response" process done in Salesforce?  Ref. : https://developers.google.com/recaptcha/docs/verify  

Do I need to create an Apex Class for this?
Has anyone successfully implemented this feature.  Salesforce Support was unable to help.

Any help is greatly appreciated!