How to handle low score of Recaptcha v3

I implemented Captcha v3 on my site in the following areas with their appropriate Google specified actions:

• Login
• Register
• Homepage
• Subscription Purchase
• Main "do the thing" page of the application, in other words where the magic happens.

But what should happen if I detect a low score? Meaning Google thinks the user is either spam, bot or a security risk.

I can think of these options:

• Display a message inline ie "Suspicious behavior detected. Please try again later. Contact support link"
• Throw them over to a new page with a similar message and log them out.
  • Ask them to verify they're identity another way, ie email confirmation or SMS.

Has anyone learned any lessons on handling low scores and providing the best experience? -