diff --git a/go-backend/internal/services/altcha_service.go b/go-backend/internal/services/altcha_service.go
index 260025e..9c4840e 100644
--- a/go-backend/internal/services/altcha_service.go
+++ b/go-backend/internal/services/altcha_service.go
@@ -23,10 +23,6 @@ func NewAltchaService(secretKey string) *AltchaService {
 
 // VerifyToken validates an ALTCHA token using the official library
 func (s *AltchaService) VerifyToken(token, remoteIP string) (*AltchaResponse, error) {
-	// Allow bypass token for development
-	if token == "BYPASS_DEV_MODE" {
-		return &AltchaResponse{Verified: true}, nil
-	}
 
 	if s.secretKey == "" {
 		// If no secret key is configured, skip verification (for development)
diff --git a/go-backend/internal/services/turnstile_service.go b/go-backend/internal/services/turnstile_service.go
index 5407483..fc48b4b 100644
--- a/go-backend/internal/services/turnstile_service.go
+++ b/go-backend/internal/services/turnstile_service.go
@@ -35,10 +35,6 @@ func NewTurnstileService(secretKey string) *TurnstileService {
 
 // VerifyToken validates a Turnstile token with Cloudflare
 func (s *TurnstileService) VerifyToken(token, remoteIP string) (*TurnstileResponse, error) {
-	// Allow bypass token for development (Flutter web)
-	if token == "BYPASS_DEV_MODE" {
-		return &TurnstileResponse{Success: true}, nil
-	}
 
 	if s.secretKey == "" {
 		// If no secret key is configured, skip verification (for development)