Hi,
From the reference article, you’ll see that our CAPTCHA system uses the “proof of work” model. This basically means we present a complex task – something that is compute intensive – to the visitor, and ask them to solve the problem/challenge.
The complexity of the challenge is as it sounds – how hard or how much effort/work will it take to solve the challenge. Ideally you’ll want the challenge to be a challenging as possible, but legitimate visitors with slow/old devices may take longer to solve the challenge. So if you expect your normal visitors to be predominantly running on mobile, or older devices, choose a lower challenge complexity.
If you choose “adaptive”, then Shield will present a challenge complexity based on how the visitor is presenting (typically the useragent).
Hope that helps.