Datadome
Customer Stories

Zero Fraud & Positive ROI: DataDome’s Impact on a Leading Payments Processor

Table of content
Paige Tester, Sr. Content Marketing Manager
12 Jun, 2024
|
min

A leading payments processing company, processing billions of dollars annually, began experiencing bots bypassing Google’s reCAPTCHA by hacking the audio challenge designed for visually impaired users. As a result, the company was facing serious payment fraud attacks. Today, DataDome blocks malicious bots from their APIs and web pages before they can initiate fraudulent transactions, protecting the payment provider from both financial and reputational risk. One of such bot attacks is credit card cracking.

“Since we implemented DataDome, we’ve had zero incidents of credit card fraud. The solution pays for itself. ”
Systems Administrator & ISA

The Challenge: Bot-Driven Credit Card Fraud Via Online Forms

As a FinTech company that specializes in payment processing solutions for software providers, their services enable software businesses to accept a broad range of payment methods.

Dealing with people’s money and their daily monetary transactions requires the highest level of trust,” says a Senior Developer at the company. “So, when a serious issue came up with credit card fraud coming through some of our public-facing forms, we knew we needed to get it fixed as quickly as possible.

The advantage of public-facing forms is that merchants can take payments from anyone. The downside is that “anyone” might include bots with malicious intentions. To prevent abuse, the team had previously implemented Google reCAPTCHA, which seemed to work well enough—until malicious actors figured out how to trigger the audio challenge designed for visually impaired users.

I have to admit, it was brilliant,“ says the Systems Administrator & ISA at the company. “They would get the audio, spit it into an audio-to-text API, put the result back into reCAPTCHA, and along they went.

“Even though these attacks only affected a handful of merchants, it ended up involving quite a number of people at almost every level of service internally,” their Senior Developer comments. “Once we realized that the issue was a reCAPTCHA vulnerability, we knew we needed to replace it.”

The Solution: Cost-Effective Online Fraud Protection

Because fraud protection is business-critical for the payments processor, the replacement solution needed, above all, to efficiently detect and stop bot-driven fraud.

“The most important factor for us was to make sure we implemented something that couldn’t be hacked by the bots. The solution had to identify bots and stop them before any fraud attempts became transactions,” said their Senior Developer. “We also wanted the tool to be mostly hands-off, so that we could trust it to stop threats while we focus on other tasks.”

The team evaluated multiple bot protection vendors but rapidly eliminated certain candidates due to high costs.

“In fact, I had already done quite a bit of research and read a lot of reviews, and I felt really confident that DataDome was a solution we could use,” shared their Senior Developer. “So when we went to explore some other options and ended up concluding that DataDome was indeed the best fit for us, I was quite pleased.

The onboarding support was also excellent,” adds their Systems Administrator & ISA. “The DataDome team was very attentive and responsive, helping us deploy and get everything fine-tuned.

The Results: Advanced API Security & Peace of Mind

Bot-driven payment fraud attacks are no longer on the list of things their fraud team needs to worry about.

DataDome eliminated the fraud issue 100%. Since we implemented DataDome, we’ve had zero incidents of credit card fraud. The solution pays for itself, and it has made life easier for myself, for our team, for support, for everyone really,” says their Systems Administrator & ISA.

For me, as a developer, the main benefit is definitely peace of mind; not having to worry about any fraudulent transactions,” their Senior Developer confirms. “I also enjoy the way DataDome presents all the information, like which endpoint represents which percentage of our current traffic. I really like the graphs that break down bot traffic into scrapers, search engines, etc., and the way everything is categorized in a really beautiful interface. It’s very easy to use.”

She concludes: “We’re all really pleased over here, and we’re looking forward to implementing DataDome across more of our platforms.