It's not just banking. How can sites be so credulous to include 3rd party javascript into their login form pages? It's an invitation to steal your users' credentials! If you really must rely on a 3rd party captcha service put the captcha into an iframe or put it on a separate page.