Michael Mead
, Principal Information Security Specialist at Amway

The Problem: Bots Pollute Metrics, Cause Downtime & Drive Up Costs

Like every prominent global retailer, Amway has grappled with persistent malicious activity on its e-commerce platforms.

“The initial discussion around bot management came from our team in Asia, where bots were adding items to shopping carts and causing some pain just from a metrics standpoint,” says Michael Mead, Principal Information Security Specialist at Amway. “We also get a lot of scraper bots, but they didn’t seem to do all that much harm.”

While the situation didn’t warrant any urgency, the team initiated an exploration of potential bot mitigation options. Then, a succession of events changed the picture.

“While we were still looking at solutions, we experienced a series of different attacks, including a DDoS attack which impacted one of our commerce sites,” Michael recalls. “We also had multiple credential stuffing attacks which led to us having to take fraud remediation actions. All of this expedited our decision.”

The Solution: AWS + DataDome = Multi-Level Security

In Amway’s evaluation of potential vendors, technical architecture was a key decision point. Specifically, they wanted a solution that would integrate seamlessly with AWS CloudFront.

“We leverage cloud native services for many of our global solutions. Native services like Web Application Firewall (AWS WAF) and Content Delivery Networks (AWS Cloudfront) are critical are critical components” Michael explains. “One thing we liked about DataDome was that we didn’t have to implement someone else’s WAF on top of it. DataDome integrated nicely”

Another important goal was to minimize the need for manual interventions.

“We didn’t want to have to use full-time equivalents to manage the tool; the ideal was a SaaS solution which we could integrate and then more or less walk away from, which is precisely the approach DataDome offers,” Michael comments.

The team also appreciated the DataDome dashboard, which provides comprehensive insights into current threats and risk levels as well as real-time attack reports.

“The data is really helpful for understanding our bot traffic, and when I need to share something with my upper management, the reports are clean, crisp, and easy to understand,” Michael observes. “And the dashboard keeps evolving, which is great to see.”

The Results: Performance Protection, Time & Cost Savings

Today, Amway’s layered security setup ensures security and optimal performance for their protected commerce websites.

Beyond that, DataDome also helps the company avoid direct financial and reputational impacts related to malicious bot activity: By preventing abuse by bad bots, Amway was able to save significant costs related to SMS verification. “Within just one week, DataDome paid for itself,” Michael attests.

More recently, another incident demonstrated the time-saving potential of efficient bot protection.

“One of our commerce sites experienced large amounts of fake account creations, causing significant man-hours cleaning up the fake accounts,” Michael reveals. “We set up DataDome on the site, and after a bit of fine-tuning of the detection models by the threat research team, the issue was resolved, and fake account creations were brought down to zero.”

In conclusion, he smiles: “What sets DataDome apart is that the development and integration teams really want this protection. Unlike most products where it’s the security team pushing for implementation, in this case they’re asking us for it!”

*) 2023 Direct Selling News Global 100 list.