KISS USA Curbs Carding Fraud With DataDome

Fully Protected in 24 Hours
Fraud-Resilient Payment Funnel
Seamless Human User Experience
DataDome
Table of contents
Last update: 19 Jul, 2023
|
min

KISS USA is the world’s leading supplier of artificial nails, press-on nail manicure kits, false eyelashes, and professional hair straighteners and tools. Faced with a sharp increase in carding fraud attempts, the company needed a powerful bot and fraud protection solution that could be implemented quickly. 24 hours after signing up for DataDome, the solution was activated and the website was protected from further carding attacks. The protection is invisible to real human customers, and KISS USA’s development team can focus their attention on business-related topics.

KISS USA Website
The 0.01% false positive rate was a key decision point. We wanted to make sure that the solution wouldn’t block real customers, and no one else could guarantee anything that low.
Vincent Cerone, Senior Manager of Development at KISS USA

The Problem: Carding Bots Abusing the Payment Interface

Failed payment attempts are a fact of life in e-commerce. The cause can be as innocent as an expired card or a faulty internet connection, but sometimes there are more nefarious forces afoot. 

“We used to have our regular share of payment failures, but there was no way to tell whether they were carding bots or just declined cards,” says Vincent Cerone, Senior Manager of Development at KISS USA. 

“At one point, however, the volume of failed payments started to creep up, to such an extent that our payment processor warned us that we needed to do something or the service could be cut off. So we blocked traffic from countries we don’t serve, added lots of different Fastly rules, and so on—and then the attacks skyrocketed.”

The bot operators clearly disapproved of the blocking attempts, and came back with a vengeance. KISS USA needed a bot protection solution that would be up to the challenge, and they needed it fast.

The Solution: 24-Hour Integration, < 0.01% False Positives

The KISS USA website is built on the Adobe Commerce (ex-Magento) platform, so the team reached out to their partner for suggestions. Adobe recommended three potential vendors, and after a quick round of discovery calls, Vincent and his team confidently settled on DataDome.

“The extremely easy setup on Fastly was a key decision point,” Vincent recalls. “So was the 0.01% false positive rate that DataDome offers. We wanted to make sure that the solution wouldn’t block real customers, and no one else could guarantee anything that low.” 

“Finally, DataDome offered the most attractive setup and onboarding experience. With the other providers, we would have had to figure things out mostly on our own, whereas DataDome essentially handled all the setup for us.”

It was critical for KISS USA to stop the carding attacks as quickly as possible, and no time was wasted: the protection was set up, deployed, and activated in a day.

“It was obviously a little hectic, but the DataDome solutions engineer made it easy,” Vincent compliments. “He was very responsive, and any questions we had were answered right away.”

The Results: Fraud-Resilient Payment Funnel & Seamless Human User Experience

Today, any carding fraud attacks on KISS USA’s website are blocked long before they reach the payment gateway. The payment processor is satisfied, and so is Vincent.

“Our big issue was the carding attacks, and stopping those was our priority,” he observes. “But now, we can also see other types of attacks that we didn’t even know were happening. Watching the amount of scraping and credential stuffing bots we get, I’m very happy that we implemented DataDome.”

Bots are still trying to access KISS USA’s website and payment funnel every day, but they are no longer getting through. For real customers, the protection is invisible and the user experience seamless. And for Vincent and his team, bot management is now a breeze. 

“The dashboard is really easy to use, unlike the much more clunky alternatives we saw,” he comments. “We’re developers, not cybersecurity experts, so we appreciate being able to log in and easily get an overview of what’s going on or add a rule in a simple way. And the live attack feature, where you can observe the attacks and where the bots are coming from in real time, is sort of fun to watch!”

In conclusion, he doesn’t hesitate to recommend DataDome to his peers. “It’s a really good product,” he attests. “I’m part of some Adobe Commerce user groups, and if anyone there has bot-related problems, I always tell them to check out DataDome.”

DataDome
dd product home overview

Still exploring?

Start with an on-demand demo.