eCommerce News Asia logo
The latest digital commerce news for Asian businesses
Story image

How a major electronics retailer ended the bot menace on its portal

It’s May 2020, and a large electronic goods retailer realises its bot problem is going from bad to worse.

In a single week, its online store is hit with eight million bot visits to systematically scrape pricing and product information without authorisation, not to mention 53,000 customer account takeover attempts, 136,000 denial of inventory attacks, and 234,000 attempts to conduct affiliate link fraud.

Even without these malicious activities, bot traffic is tying up valuable resources in ways guaranteed to hurt the bottom line.

For a firm operating 300 retail stores that attract ten million shoppers a year to its website, this level of bot traffic is unsustainable. It’s risking not only lost sales and rising costs but also damage to a brand image built with huge effort over many years.

Bad bots affect retailers in a range of sinister ways:

  • Account takeover (ATO) fraud – Criminals breaking into a customer’s account to carry out a range of frauds, including identity theft, stealing loyalty points, or making fraudulent transactions.

This often happens because of credential stuffing, which exploits the fact that many customers reuse the same username and password across multiple accounts. When those reused credentials are leaked or breached and then sold on the dark web, users’ accounts are vulnerable to ATO.

  • Denial of inventory – Filling baskets with products without paying for them. This ties up inventory, artificially reducing product availability while damaging the retailer’s sales.
  • Affiliate fraud – Earning rewards from a site by generating large amounts of junk traffic. Retailers end up paying for nothing.
  • Wasting resources – Dealing with bot traffic makes it difficult for marketing teams to get accurate KPI data to plan for growth.
  • Carding attacks – Using retail websites to ‘test’ stolen credit and debit card data. Retailers are often left with the cost of reimbursement ­— and a poor merchant reputation.
  • Scalping – Using automated programs to grab desirable inventory before real customers can. The goods are then resold at inflated prices on the secondary market.
  • Web scraping – Stealing pricing and other proprietary data for rivals or other malicious purposes. A variation on this is scraper bots that steal other website content, including reviews and product descriptions.

Oddly, the last two bot activities are not illegal in many countries. However, this doesn’t mean that the retailer should tolerate them. For example, scalping can hurt the reputation of a retailer with genuine customers.

Bots can be hard to see until trouble strikes. Bad bots plague today’s retailers all year round, but the extent of the problem often becomes even more magnified at peak times, such as holiday seasons when traffic naturally spikes.

For example, during Thanksgiving 2021, a group of six prominent e-commerce websites protected by my company’s bot manager were flooded with bot traffic. Traffic volume ranged from more than four million bots per day to well over nine million bots per day during the week prior to the holiday.

To a retailer without bot protection for its website or apps, these numbers represent potential attacks that can wreak havoc on the user experience. Some retailers may experience website slowdowns that frustrate shoppers. Others may see a drain on the inventory of highly sought-after products that are snatched up by scalpers for resale rather than loyal customers.

Still others will field complaints on their support line about cashed-out gift cards and loyalty points. Not only does the customer experience suffer, but ultimately brands are damaged, and revenue is lost.

So, how did the bot battle end for the large electronics retailer mentioned earlier?

The retailer knew something was wrong, but what? How big was this problem? In search of a solution, the company made the decision to trial a leading web application firewall (WAF) and application protection solution.

The security vendor’s analysts discovered that more than 50% of all visitors to the retail site were, in fact, bots. This was an unsustainable situation that, if left unchecked, could lead to the adverse consequences mentioned above and invite even more damaging bot attacks.

To further evaluate the situation, the retailer initiated a proof of concept (POC) trial with my company’s bot manager, using our NGINX connector to integrate with its website. After analysing visitor traffic for a week, the bot manager went into ‘active mode’ and began to block over two million bad bots every day thereafter.

Suspected bots were shown a CAPTCHA to solve to enter the website. Only 0.25% of these challenges were solved, which meant that almost all bots were blocked, and genuine visitors were not shown a CAPTCHA while visiting the website.

CAPTCHA challenges, of course, are only an initial step in an overall bot detection process that is powered by a patented intent-based deep behaviour analysis technology. This technology offers unmatched accuracy in detecting sophisticated bots that emulate human behaviour as they traverse a website or application.

Soon after our successful engagement with this retailer, my company learned that earlier, they had also conducted a POC with a global provider of CDN and bot mitigation services, which fell short in two major areas when compared to our results:

  • The competing solution detected approximately 20% fewer bad bots than we did. Considering we detected and blocked two million bots daily, this would theoretically mean 400,000 bad bots carried out attacks every day.
  • The competing CDN-bundled bot mitigation solution required all website traffic to be rerouted through its servers for bot detection, which was an unacceptable proposition for this retailer (and any organisation serious about data privacy and protection).

In the end, the result was clear — a leading bot protection solution had proved itself more effective under real-world conditions.

Related stories
Top stories
Story image
Sustainable IT
Adobe surveys sustainability at work in Hong Kong employees
The top three sustainability practices are reducing paper usage (46%), digital document storage and management (43%), and curbing electricity consumption (37%).
Story image
Customer Relationship Management
NetSuite helps Australian bridal boutique to scale operations globally
Grace Loves Lace is now using Oracle NetSuite to create enhanced experiences for brides from Queensland, Australia, to locations worldwide. 
Story image
Artificial Intelligence
Exclusive: Uniphore shares how Conversational AI can be the key to business success
Conversational AI and Automation are vital tools to help further promote organisational cohesion and communication, and Uniphore is leading the charge.
Story image
Customer Relationship Management
NetSuite introduces CPQ to help organisations simplify sales process
NetSuite CPQ is the only native configure, price and quote solution built on the NetSuite platform. It works with NetSuite ERP, CRM, and eCommerce solutions
Story image
Mobile Device Management
How to easily scale your mobile workforce and devices for the peak shopping season
Retailers are under constant pressure to streamline processes and become more efficient while looking for ways to improve customer satisfaction levels.
Story image
Payment gateways
PXP Financial partners DisputeHelp management platform
The partnership will provide an end-to-end dispute management platform across all payment schemes for their merchant portfolio.
Story image
Customer Relationship Management
Salesforce launches the first carbon credit marketplace
Salesforce has introduced the Net Zero Marketplace to make carbon credit purchases simple and transparent, aiming to scale the climate-positive impact.
Story image
Data analytics
Cross-team partnerships: The foundation for seamless digital experiences for customers
The region’s digital consumer population will continue to grow exponentially, reaching 370 million by the end of 2022.
Story image
Data management
Talend Data Health Barometer reveals ability to manage data is worsening
Most respondents believe data is important, 97% face challenges in using it effectively, and nearly half say it’s not easy to use data to drive business impact
Story image
Demand for Australian brands grows in China despite tension
67% of China’s cross-border online shoppers expecting to increase their online spending for western and Australian goods in the coming year
Story image
Marketing Automation
Marketplacer recognised in Gartner Hype Cycle for eCommerce
Marketplacer has been recognised in the Gartner Hype Cycle for Digital Commerce 2022 as a sample vendor in the enterprise marketplaces category.
Story image
Artificial Intelligence
Ordr improves security and management of connected devices
It has implemented more than 80 integrations within the Ordr Data Lake while adding security enhancements to accelerate zero trust segmentation.
Story image
Banking-as-a-Service to hit mainstream within two years
Some 30% of banks with greater than $1bn in assets will launch BaaS for new revenue by the end of 2024, but half will not meet revenue expectations.
Story image
Satellite technologies
Kacific wins big at the World Business Outlook Awards
The Kacific Group has been recognised in the World Business Outlook Awards for providing high-quality broadband services and infrastructure throughout APAC.
Story image
Digital commerce
VTEX and Adyen partner to extend unified commerce experience
"Through our partnership we are creating an all-in-one place that allows sellers to meet customers where they are in the buying process and unlock opportunities."
Story image
Payroll systems
Video: 10 Minute IT Jams - An update from UKG
Charlie DeWitt and Greg McManus join us today to discuss the importance of payroll in todays operating environments, and why automated processes can often be a key driver of success.
Story image
Business Intelligence
IDC finds the majority of executives expecting a recession
59% of respondents believe 2023 will be a recession year. Of these, nearly 30% believe we are amidst a recession. Another 26% expect a recession in later 2022.
Story image
Zai announces partnership with TerraPay to accelerate global payments
This partnership supports both Zai and CurrencyFair's product suite, with better coverage across the global payments ecosystem
Story image
Artificial Intelligence
CUE Group expands operations at its Singapore hub
The Singapore-headquartered digital technology group has doubled down on its expansion into the Southeast Asian region.
Story image
The metaverse, cryptocurrency and NFTs set to revolutionise retail
BigCommerce has released its consumer survey designed to give retailers insight into current and emerging trends shaping the way consumers buy from brands.
Story image
Artificial Intelligence
Salesforce introduces new Customer 360 innovations
Salesforce has introduced new Customer 360 innovations, which are set to provide companies with better automation and intelligence technologies.
Story image
Artificial Intelligence
The App Edit: why conversational commerce is overtaking the app
Consumers appear to be suffering choice fatigue and are reducing the time spent across different apps. People favour a small selection of quality items in their wardrobe, and they’re taking the same approach with their apps.
Story image
Marketplacer available on Salesforce AppExchange now
Marketplacer is now available on Salesforce AppExchange, an enterprise cloud marketplace, as the Marketplacer Salesforce Commerce Cloud Cartridge.
Story image
Ready, set, flop: four reasons why your online marketplace could struggle to gain traction
There’s a saying that ‘you have to spend money to make money’. That’s not always the case but the old maxim certainly holds true when it comes to online marketplaces.
Story image
Future Tech
Top seven CIO disruptions highlighted by Gartner
CIOs need to consider “what if” scenarios to avoid being blindsided by social, behavioural and technological disruptions, according to Gartner.
Story image
Employees unsure who to go to to report security incident
A new study shows more than 20% of the untrained global workforce do not know who to contact during a security breach.
Story image
Cybersecurity threats finance sector facing more cunning
The financial sector continues to be victimised by motivated organised crime, with servers being involved in 90% of financial breaches.
Story image
Customer Relationship Management
New kid on the block: How your business can build up its online marketplace expertise
Without the support of a skilled team, it’s impossible to realise the benefits of an online marketplace in full, observes Marketplacer executive Anna Trifonopoulos, VP of Customer Delivery, Marketplacer.
Story image
Customer experience
Loyalty, pricing and service are D2Cs biggest shortfalls
There is a key gap between brand manufacturer drivers for D2C deployment and their executional shortfalls, a new report reveals.
Story image
Artificial Intelligence
WyreStorm unveils new video bars and an HD video system
WyreStorm has released new products, including two video bars and a high-definition (HD) video system, to improve customers' audio and video experience.
Story image
Digital Marketing
Optimizely and Orchard partner to scale marketing experimentation
Optimizely has announced a partnership with Orchard to help marketers and organisations scale experimentation through a mix of strategy and platform.
Story image
Digital Transformation
L’Occitane Japon reduces fraud with Forter’s platform
L’Occitane Japon increases revenue, reduces chargebacks and fraud, and creates a seamless customer experience with Forter’s fully automated platform.
Story image
Customer Relationship Management
Digitally evolve the smart way – federated content
Digital transformation became the ‘buzz word’ for many companies. Time to re-evaluate those old legacy systems, move to new and better ways of doing things
Story image
Customer Relationship Management
Diagnostic: Does your tech stack up for growth?
It’s common for tech companies to encounter limitations in their tech stack as they experience growth. After all, at first, you only need to invest in systems to support the needs of an early-stage or single-entity business.
Story image
Exclusive: Corpay plans to provide more hedging features
Corpay addresses border payments and currency risk management. Offering hedging, payment technology, cash flow solutions and exotic currency capabilities
Story image
Springboard, Cataleya to offer switching infrastructure solutions
The partnership bundles Springboard's business intelligence platform with Cataleya's switching solutions to rapidly transform voice and messaging.
Story image
Entrust advances Sigma Instant Issuance Platform for cards
Unique light curing module for Entrust Sigma instant issuance systems brings new financial card durability and personalization to card issuers.
Story image
Online shopping
FedEx expands international day-definite delivery services across AMEA
The company says the continuous expansion of the FedEx International Connect Plus (FICP) is also set to fuel cross-border eCommerce growth within the APAC region.
Story image
Cloud platforms
Salesforce partners with Snowflake and introduces ‘Hire Me’ button
According to a recent Salesforce report, 73% of customers expect companies to understand their unique needs and expectations
Story image
Jabra launches AI-powered SaaS solution for contact centres
Engineered to transform contact centre call experiences, the solution employs AI technology that provides real-time insights to improve customer calls.