Major Online Travel Booking Platform Switches to DataDome; Improves UX & Saves SMS Costs
Web scraping and other automated attacks were targeting a popular Asian travel booking platform and bypassing their former bot detection tool. By switching to the DataDome bot and online fraud protection solution, the company was able to stabilize their system performance and improve the user experience by keeping latency and false positives to a minimum. When hit with SMS pumping attacks, the travel platform leveraged DataDome’s technology and SOC team expertise to stop the malicious requests and avoid artificially inflated SMS charges.
The challenge: Bot attacks bypassing prior protection, high false positive rate
Like all major online brands, one of Asia’s leading travel and leisure e-commerce platforms is constantly targeted by web scraping attacks and other bot-driven threats.
The company had implemented a bot protection system from one of the industry’s major providers, but they were not happy with its performance. Certain bot attacks were bypassing the tool, while real users were too often challenged with a CAPTCHA.
“The human user experience is key to our success,” says the company’s Associate Director, Payment & Fraud Tech. “Ideally, real users should never have to solve a CAPTCHA, so any security tool we implement must have a minimal false positive rate.”
Unfortunately, their bot protection provider did not seem to proactively monitor the false positive rate, and their technical support’s response times were unsatisfactory. So, the team decided to look for an alternative bot protection solution.
The solution: Accurate detection, responsive support
Their research led them to DataDome, which analyzes every single request to customers’ websites, mobile apps, and APIs in order to detect and block bots in real time while remaining invisible to human users. The team used the DataDome Lambda@Edge integration to deploy in minutes on Amazon CloudFront. The solution instantly provides real-time bot protection wherever end users are, without the need to provision or manage infrastructure.
The solution also offered optimized protection for the travel platform’s mobile apps. The ultra-light DataDome SDKs would support any third-party networking library and enable codeless integration, with no code coupling and automatic CAPTCHA management.
“We really liked the intuitive dashboard and the self-service functions, which enable us to manage day-to-day operations independently and with agility,” says the Associate Director, Payment & Fraud Tech.
Last but not least, the team appreciated the collaboration with the DataDome team: “We were deeply impressed by DataDome’s professionalism, responsiveness, and openness to feedback,” they confirm.
The results: Excellent user experience, SMS cost savings
Since they implemented the DataDome solution, the travel platform’s systems have been running with optimal stability, and there have been no more large-scale system abnormalities. The team is also very satisfied with the minimal API latency: <20 ms on average.
“Compared to our previous solutions from other vendors, DataDome has generally improved accuracy, effectively reducing the threat of bot attacks,” says the Associate Director, Payment & Fraud Tech. “DataDome also improves our user experience by keeping the false positive rate below 0.01%, which is very important to us.”
Some time after implementing the DataDome solution, the travel company was hit by a new type of threat: SMS pumping attacks. In this type of attack, malicious actors use bots to spam online forms that generate SMS messages such as one-time passcodes (OTPs). For enterprises, this generates direct losses as a result of inflated SMS charges, and creates a risk of reputational damage as non-registered users may be harassed by unsolicited SMS messages.
“We added the DataDome protection to the SMS-sending link, and provided attack and business characteristics to DataDome,” explains the Associate Director, Payment & Fraud Tech. “The SOC team responded quickly, collaborated closely with us through Slack, and adjusted the detection model in a timely manner. As a result, we were able to block the majority of the malicious requests and avoid the fraudulent SMS charges.”