I have an application that currently uses google maps and address search. I am about to switch to a higher tier of usage, but wanted to know what safeguards (if any) are in place to prevent a mischievous party from flooding the API call with my API key, therefore running up my usage numbers (even though it is not legitimate).
I know that google has some control in place where the user has to answer a captcha if google detects too much traffic coming from a certain IP address. In this case, would this help prevent the issue? If so, what is the rate at which someone could still hammer google with my API key?
You can set rate limits (per user) in the API console, for each API.