Winston Brands Mitigates Payment Fraud & Saves Processing Fees With DataDome
Winston Brands, a multi-channel consumer goods company, offers thousands of products to customers throughout the United States through its catalogs and website, collectionsetc.com. Malicious actors were abusing the site’s payment interface, attempting to test vast numbers of credit card credentials and driving up processing fees. To protect its payment interface and conversion rates, Winston Brands selected DataDome’s bot management and fraud protection solution. Today, without any negative customer impact, fraud attacks are no longer occurring.
We reached our goal. Since we implemented DataDome, we have not seen any malicious activity going through to our payment partner.
Alek Gvozdev, Enterprise Architect at Winston Brands
The Problem: Card Cracking Attacks Cause Processing Partner Complaints & Hurt Conversion Rates
“A couple of years ago, we started taking pre-authorizations on the website. That’s when the card cracking attacks started,” explains Alek Gvozdev, Enterprise Architect at Winston Brands. “Bots were randomly selecting credit card numbers and trying them on our payment interface over and over again, in order to find out which ones would work.”
Traditional blocking of malicious IP addresses and ASNs helped mitigate the attacks, but every time, the bad actors would improve the bots and scripts just to return later. ASN and IP blocking also led to customer complaints and hurt the company’s conversion rates, as real customers found themselves unable to place orders.
“The attacks were also artificially inflating our processing fees,” Alek observes. “We were getting warnings from our credit card processor about this malicious activity on our account.”
A wave of attacks could keep Alek and the security team busy for up to two full days a week, including nights and weekends. The most aggressive attacks also created extra work for other teams in the company, including finance and customer service.
The Solution: Cost-Effective, Easy-to-Implement Bot Protection
The team decided the time had come to invest in a bot management and fraud protection solution, and initiated a thorough evaluation process.
“Cost-effectiveness was important to us, but we didn’t want to implement something too basic that we would need to review or change later,” Alek comments. “We wanted a long-term solution, and in our research, DataDome came out as one of the top providers in the sphere.”
Easy implementation was another key selection criteria, as the team wanted to avoid making major changes to their infrastructure.
“It was so easy! We loved it,” says Alek. “We turned it on and that was it, literally in five minutes.”
The Results: Time Savings and Peace of Mind
Card cracking attacks and fraudulent orders are no longer concerns for Winston Brands. Their payment processor is satisfied, and their processing fees are back to normal.
“We reached our goal. Since we implemented DataDome, we have not seen any malicious activity going through to our payment partner,” Alek attests. “It’s very nice not to worry about it, especially on evenings and weekends, and to be able to spend our time on other topics.”
“DataDome had a unique combination of cost-effectiveness and features,” he concludes. “There are different solutions out there and we looked at many of them, but we didn’t find that ideal combination for our business anywhere else. I’m really looking forward to a long-term relationship with DataDome.”
*** This is a Security Bloggers Network syndicated blog from DataDome authored by DataDome. Read the original post at: https://datadome.co/customers-stories/winston-brands-mitigates-payment-fraud-saves-processing-fees/