Our experts and industry insiders blog the latest news, studies and current events from inside the credit card industry. Our articles follow strict editorial guidelines.
In a Nutshell: Consumers may not realize that bots — software that automates online tasks — are responsible for up to two-thirds of all internet traffic. Malicious bots disrupt digital business operations and put human data security and the customer experience at risk. DataDome helps a global customer base protect mobile apps, websites, and platforms against card fraud and other bot-driven threats. By providing industry-leading tools to protect businesses against automated online attacks, DataDome has earned our Editor’s Choice™ Award.
Sony introduced its popular PS5™ game console in late 2020, but buying one at the suggested retail price was nearly impossible for more than a year after launch. Sony and its authorized eCommerce partners always seemed to be sold out, forcing gamers and gift-givers to pay a significant premium with third-party resellers.
The resellers, known as flippers, needed help to control the market to the extent they did, but it wasn’t difficult. With an inexpensive “resale bot” installed on a typical consumer-level laptop, anyone who wants to profit in a high-demand market can instantly purchase the available units, mark them up, and offer them for resale.
Complicating the problem is that flippers don’t need to be developers. Ready-made resale bot software is a demand-driven response to a market need — legal, cheap, and easy to operate.
In the case of PS5s, millions of consoles changed hands, but bots impact eCommerce at all scales. Perhaps most significantly for smaller firms, bad actors use bots to collect data for malicious purposes, gain access to account credentials, and test the validity of stolen credit card data, among other things.
Businesses need to ensure they interact and transact with human customers, not bots. DataDome provides state-of-the-art bot detection to protect eCommerce businesses from online fraud.
“Trust is the fabric of a successful internet, yet 77% of businesses have reported being fraud victims,” said Andrew Hendry, DataDome’s Senior Director of Product Marketing. “Our solution leverages AI and machine learning to beat illegitimate traffic in real-time.”
A global customer base trusts DataDome to protect digital assets, customers, and revenues without compromising privacy, compliance, or user experience. For providing best-in-class technology to keep businesses safe from online threats, DataDome has earned our Editor’s Choice™ Award.
Protect All Transactional Endpoints Against Attack
Bots account for as much as two-thirds of internet traffic, and 40% of that traffic hits mobile apps. Bot protection products from DataDome provide state-of-the-art protection for apps and websites and the platform communication interfaces known as APIs. Sensitive data remains safe and private, and the user experience is fast and uninterrupted.
DataDome’s advanced detection approach protects all vulnerable endpoints along the customer journey, from log-in pages to “add to cart” funnels to checkout (one of the most sensitive endpoints where payment fraud occurs). Protection is automated, so customers can free up their time to refocus on strategic priorities rather than reacting manually to every attack.
Customers value DataDome’s ability to detect and stop bot attacks that their existing solutions miss. DataDome analyzes 3 trillion signals per day to adapt to new threats and examines every request to an app, website, or API within two milliseconds. And the company’s 24/7 data science team continually enriches its machine learning models to improve responses.
A user-friendly, privacy-compliant, and secure CAPTCHA product integrates seamlessly into DataDome’s detection engine. It’s faster and more responsive than other third-party CAPTCHAs and set up so that bots can’t solve it, but humans can, with minimal effort.
Comprehensive threat analysis with industry benchmarks allows users to understand, at a glance and across all endpoints, when an attack happened, its duration, where the attack originated from, the domains and endpoints targeted, and how the threat level compares to similar attacks within the same industry.
Users can also take a deep dive into detailed data, including IP addresses, countries of origin, user agents, referrer domains, rules, and session IDs.
“As a result, businesses can stay ahead of the curve on protecting personally identifiable information, reduce fraudulent transactions to close to zero, and maintain the overall integrity of their user accounts,” Hendry said.
Instantly Detect and Stop Card Fraud
Protecting against card fraud is also vital. With most businesses already experiencing breach attempts, criminals are increasingly deploying more sophisticated attacks from powerful bot networks that evade basic defenses and traditional firewalls.
Carding and card cracking are common examples of bot-driven card fraud. To commit fraud, bad actors leverage the firepower of credit card bots to test stolen card data against payment processes, allowing them to identify valid card details or missing values in the stolen information.
Card fraud results in many undesirable consequences for online companies. It can increase payment authorization requests, resulting in higher authentication fees from payment processors. And because bots can test massive sets of serial numbers, server loads and bandwidth costs increase.
When card fraud runs rampant, companies spend resources mending fences with payment processors, hosting services, and customers. They also face significant reputational damage.
While fraud is particularly prevalent in eCommerce, carding is a growing problem for any company that sells goods or services online. Card-not-present (CNP) transactions are a major cause of the damage because chip-and-pin technology doesn’t work in those scenarios, and merchants cannot physically verify a cardholder’s identity.
Card fraud is the most reported form of identity theft. Research indicates CNP attacks will cost retailers $130 billion annually by 2023. And when customers experience card fraud, there’s about an even chance they’ll report they won’t return to the retailer creating the breach.
The DataDome solution also benefits from simplicity. Deploying it is as simple as installing a program on a consumer device. It’s up and running in minutes, ready to leverage its massive in-memory pattern database on the customer’s behalf.
“Our solution stops all carding bots before they reach an online business’s mobile app or website — and it does so in milliseconds without disrupting the user experience.”
DataDome: A Trusted Global Online Security Provider
Among DataDome’s 250+ global customers are some of the world’s most prominent online platforms, including TripAdvisor, The New York Times, Reddit, Hermes, Peapod, Rakuten, and LVMH.
The company receives feedback from a variety of channels. A dedicated customer success team maintains close contact with customers to gather feedback and ensure success, deploying regular surveys to measure customer happiness.
Thanks to its threat research, technical support, and customer success teams, DataDome’s Net Promoter Score℠ of 73 far exceeds the average for enterprise software.
“Customers consistently report clean traffic, improved customer satisfaction, substantial time savings for IT teams, reduced server loads, restored website performance, reduced infrastructure costs, and the elimination of data theft,” Hendry said.
For example, the prominent luxury homeware brand AMARA reported a 15% reduction in server load and 100% stable traffic and website performance. Kurt Geiger, the top premium footwear brand in the UK, reported fewer traffic spikes and less pressure on the backend systems.
The Topps Company, a leading creator and marketer of distinctive confections and sports and entertainment products, enjoys significant server cost savings, up to 50 person-hours per day saved, and a positive user experience restored.
And The Fork, a TripAdvisor company, benefits from the elimination of web scraping and account takeover attempts, with 100% of its infrastructure available for legitimate traffic.
As more firms adopt DataDome, resale bots like the one that decimated Sony’s PS5 rollout (and tools with more malicious intent) encounter a less inviting environment online. That means consumers are far more likely to find what they came for online — an unimpeded experience.
“The best way to prevent card fraud (and all other forms of bot threats) is with an advanced bot protection solution that blocks the most sophisticated bots from accessing your websites, apps, and APIs,” Hendry said. “That’s DataDome.”