Rakuten France is Protected Against Real-Time Attacks Thanks to DataDome’s AI
Effective protection against scrapers and layer 7 DDoS attacks.
Time savings with automatic management of bot traffic.
The Rakuten France website is the leading marketplace in France for private and professional sellers to make guaranteed purchases and sales. With more than 200 million new and used items and a community of over 17 million members, the site receives 19 million hits per month and has 600,000 new ads each day.
Established in 2001, Rakuten-PriceMinister joined the Japanese group Rakuten in 2010, with a clear ambition to conquer Europe quickly and take the number 1 spot for e-commerce sites. The company now employs approximately 200 people.
The Problem: Staying ahead of ever more sophisticated bots.
Rakuten is a longtime DataDome client. As a leading e-commerce site, the company was one of the first to feel the impact of increasingly intensive automated traffic.
The appearance of bots in our environments occurred a little over three years ago, with the main problem being the use of our system resources. We were constantly being crawled by scrapers, which consumed a lot of bandwidth.
Patrick Pereira, Technical Director of Rakuten France
“We also had attacks that sent many, many calls, trying to bring down the site,” adds Eric Vannier, Infrastructure Manager. “The attackers never succeeded because we were sufficiently responsive, but it required a lot of human resources. During a particularly significant attack, we spent an entire night blocking IP addresses. Fortunately, at the time hackers still did not have millions of IPs available, just thousands!”
To counter these attacks and curb persistent scrapers, the Rakuten teams developed their own anti-bot solution. However, it required a lot of maintenance. And most crucially, the rapid evolution of bots made them increasingly difficult to detect.
“At the time, the problems related to bot traffic were still poorly understood,” says Patrick Pereira. “But we decided that we are not in the business of managing automated traffic, we did not have the resources to do it effectively, and that it would be better if we didn’t have to deal with it on a daily basis.”
The Solution: Real-time detection & blocking with artificial intelligence.
Having come across DataDome by word of mouth, the Rakuten teams evaluated the solution, concluded it could be useful, and decided to implement a proof of concept. It was immediately effective, finally allowing the teams to offload the everyday management of traffic bots.
The strength of the DataDome solution lies in the use of artificial intelligence, which compares each query with a huge in-memory pattern database and can decide in less than 2 milliseconds whether access should be granted or not. The latest generation bots, which are almost indistinguishable from humans, are detected through behavioral analysis.
“It was the start of a very beneficial relationship,” recalls Patrick Pereira. “We had some experience with certain topics, and we found DataDome very responsive. We formed a close relationship with the DataDome teams that we would not have had with generalists. Even the smallest problem was handled instantaneously. Our exchanges were constructive, and allowed the solution to be quickly adapted to the real needs of e-commerce sites such as ours.”
“For example, we wanted to have a little more visibility into our bot traffic,” adds Sébastien Raguet, Supervisor. “We saw that the bad bots were blocked, but we didn’t always know what was really going on. Today, the dashboard is comprehensive, very clear, and easy to use.”
“That said, we don’t need to monitor the dashboard on a daily basis,” comments Éric Vannier. “We monitor our automated traffic through the email reports we receive, but we know that the solution works and it runs on autopilot in daily use.”
The Results: Effective protection & savings in time & money.
In retrospect, the IT managers are glad to have taken the threat of automated traffic seriously before the subject became big news in cybersecurity.
“We implemented DataDome at the right time, when bots were still relatively unsophisticated,” notes Éric Vannier. “We have not tried to follow the evolution of this threat ourselves, and this transfer of functionality and responsibilities has saved us a lot of time. Today, DataDome protects us against real-time attacks and preserves our bandwidth, without us having to worry about the new threats that constantly arise.”
Sébastien Raguet adds: “When we look at the evolution of crawlers, it is clear that it would be impossible these days to detect all of them without artificial intelligence. There is nothing that can be detected by a human anymore, and our in-house system could not have managed it at all. Even non-specialized security solutions can no longer manage it.”
And if you had to give DataDome an overall score of between 1 and 5?
“4.5?” smiles Patrick Pereira. “There is always room for improvement! But we are satisfied with the solution and its evolution, and we have had a trusting relationship for several years now. Now that the solution is mature, we are in contact less frequently than at the beginning, but DataDome continues to evolve without us having to share our needs, and that suits us perfectly.”