▪Introduction
▪Bots 101
▪BOTS Act and what it covers (and doesn’t cover)
▪How bots can impact your major onsales and associated
mitigation strategies
▪StubHub case study
▪Q&A
Rami Essaid
CEO & Co-founder,
Distil Networks
Niels Sodemann
CEO & Co-founder,
Queue-it
Distil Networks is the only proactive and
precise bot mitigation solution for web
applications, mobile, and APIs.
▪ Founded in 2011
▪ 180 employees
▪ 5 offices
▪ $65 million in funding
The use of Queue-it has ensured online fairness
during high-demand online events for more
than 1.5 billion consumers worldwide.
▪Founded in 2010
▪63 employees
▪2016 TTA winner of Supplier of the Year
Denmark, Silicon Valley
Awards and Analyst Recognition
The only anti-bot solution to be included
in Gartner’s Online Fraud Detection
Market Guide 2-years running
“Distil’s ability to analyze behavior provides
the best chance of detecting and blocking
bot-driven attacks.”
“Clear innovation compared to
similar services.”
2017 WINNER: Best Fraud Prevention
Solution
Bots 101
Good bots
▪ Search engine crawling
▪ Power APIs
▪ Check system connectivity & status
A ‘bot’ is an automated program that runs on the internet
Bad bots
▪ Steal content
▪ Scan for vulnerabilities
▪ Perform fraud etc.
Traffic Distribution by Type, 2016
What concerns you most about the impact of bots on your
organization’s website(s)?
▪ Website Security
▪ Transaction Fraud
▪ Lost Revenue to Scalpers
▪ Poor Customer Experience
Survey
How are you addressing your bot concerns?
▪ Addressing now
▪ Plan to address this year
▪ Plan to address next year
▪ No plans to address
▪ Don’t know
Survey
The BOTS Act explained
▪ Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance
capacity > 200 pers.
▪ Prohibits the sale of an event ticket
obtained through such a circumvention
violation if the seller participated in, had the
ability to control, or should have known
about it
BOTS Act key prohibitions
▪ Scalping
▪ Sniping
▪ Spinning
20% of traffic bad bots
OWASP Automated Threats relevant to BOTS Act
Ticketing Bots Sophistication
Other legislation
▪ Must Have Protections
Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance capacity
> 200 pers.
Who does it impact? Primary Ticketing.
▪ Federal Trade Commission Audits:
Treats violations as unfair or deceptive acts
under the FTC Act. The bill provides authority to
the FTC and states to enforce against such
violations
▪ Must Have Protections
Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance
capacity > 200 pers.
Who does it impact? Secondary Ticketing.
▪ FTC Audits
Treats violations as unfair or deceptive
acts under the FTC Act, provides authority
to the FTC and states to enforce against
such violations
Prohibits the sale of an event ticket
obtained through such a circumvention
violation if the seller participated in, had
the ability to control, or should have
known about it
Can you enforce?
Who does this impact? Venues.
Can you comply? Can you cooperate?
If you aren’t bypassing security measures on a website in order to get
tickets, you aren’t breaking the law.
▪ Doesn’t eliminate the ability to buy & resell tickets obtained legally
▪ Doesn’t address historical relationships between sellers and resellers
▪ Doesn’t make the 40% of tickets not on public sale magically reappear
What the BOTS Act does not address
▪ Bots: scapegoat for a bigger problem in ticketing
▪ Humans + scripts: Cubefarm of people operating
bots with industry experts managing them
▪ 7 years + $25M later, FBI cracks down in 2010
▪ Ken Lowson now a wiseguy turned good
…and then there’s Wiseguys
Source: https://motherboard.vice.com/en_us/article/the-man-who-broke-ticketmaster
▪ Precise log in, processing thousands of
purchases faster than any human
▪ Fooling CAPTCHA, with huge database
of combinations + operating at
lightning speed
▪ Securing best seats & selling them at a
steep markup for resale to the public
How they did it
Source: U.S. Attorney Office, The Star Ledger
Other ‘wiseguys’ like ShowsOnSale continue to pop up,
historically hard & expensive to prosecute
Why you can’t sell out in 20 minutes
Ticket onsales timeline
It’s not possible to sell out in less
than 2x basket/cart timeout time
More info: https://queue-it.com/presentation-can-you-sell-out-in-2-minutes-no-learn-why/
In other words, as a venue, organization or ticketing
software platform, it is still on you to defend against
this fraudulent activity during your major onsales
How bots abuse the logic of online ticket sales
Distil Networks Queue-it Distil Networks
Before onsale: Account Creation
Before onsale: Account Takeover
Account Takeover Attacks
Financial fraud
Targets are accounts at financial or
e-commerce services that store
users’ banking details. The attackers
perform unauthorized withdrawal
from bank accounts or fraudulent
transactions using the credit/debit
cards on file.
This includes virtual currency such
as bitcoin, in-game currency, and
rewards programs. This is all worth
real money.
Account Takeover Attacks: Why?
Spam
Spam can appear in any service
feature that accepts user-
generated content, including
discussion forums, direct
messages, and reviews/ratings,
degrading platform integrity
and brand reputation.
Phishing
Attackers can assume a
compromised user’s identity and
launch phishing attacks on
others in his/her social circle to
steal their credentials, personal
information, or sensitive data.
Account Takeover Bots Sophistication
Day of onsale / During onsale
Volume
▪ To achieve this, spinner bots create
many hits
▪ Queue-it can recognize this as
coming from same device and will
block
▪ 50% of blocking during a major
onsale is due to spinner bots
Speed
▪ Any speed-scripted bots arriving before
the event launches are placed in the
randomized pre-event waiting room
Pre-event queue page Live event queue page
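An added illustration (not from the slides, and not Queue-it's implementation) of the two queue behaviours on the Volume and Speed slides: repeat hits from one device collapse to a single place, and everyone who arrives before the onsale is shuffled when it opens, so arriving first buys nothing. The `WaitingRoom` class, the opaque `device_id` value and the sample visitors are assumptions constructed for the example.

```python
import random
from dataclasses import dataclass, field


@dataclass
class WaitingRoom:
    """Toy onsale waiting room (hypothetical model, for illustration only)."""
    onsale_start: float                              # time at which sales open
    # SystemRandom by default so the shuffled order cannot be predicted;
    # a seeded random.Random is passed in below only to make the demo repeatable.
    rng: random.Random = field(default_factory=random.SystemRandom)
    pre_event: list = field(default_factory=list)    # arrivals before onsale_start
    live: list = field(default_factory=list)         # arrivals after opening, FIFO
    blocked: list = field(default_factory=list)      # repeat hits from a known device
    devices: set = field(default_factory=set)
    opened: bool = False

    def arrive(self, visitor_id: str, device_id: str, now: float) -> str:
        # Volume: a device that already holds a place gets no second one,
        # however many hits it sends.
        if device_id in self.devices:
            self.blocked.append(visitor_id)
            return "blocked"
        self.devices.add(device_id)
        # Speed: early arrivals are only collected, not ordered.
        if now < self.onsale_start and not self.opened:
            self.pre_event.append(visitor_id)
            return "pre-event"
        # After opening, places are handed out first in, first out.
        self.live.append(visitor_id)
        return "live"

    def open(self) -> None:
        # At launch the pre-event arrivals are shuffled exactly once.
        if not self.opened:
            self.rng.shuffle(self.pre_event)
            self.opened = True

    def order(self) -> list:
        if not self.opened:
            raise RuntimeError("queue order is undefined before the onsale opens")
        # Shuffled early arrivals go first, then live arrivals in arrival order.
        return self.pre_event + self.live


def simulate(seed: int) -> WaitingRoom:
    """Constructed scenario: one device hammering the page, ten ordinary visitors."""
    room = WaitingRoom(onsale_start=0.0, rng=random.Random(seed))
    room.arrive("bot-1", "dev-bot", now=-600.0)          # first to arrive
    for i in range(2, 51):                               # 49 more hits, same device
        room.arrive(f"bot-{i}", "dev-bot", now=-600.0 + i)
    for i in range(10):                                  # humans arrive later
        room.arrive(f"human-{i}", f"dev-h{i}", now=-300.0 + i)
    room.open()
    room.arrive("late-human", "dev-late", now=5.0)       # after the onsale opened
    return room


def mean_position_of_first_arrival(trials: int, seed: int) -> float:
    """Average queue index of the earliest arrival over many simulated onsales."""
    total = 0
    for t in range(trials):
        total += simulate(seed + t).order().index("bot-1")
    return total / trials


if __name__ == "__main__":
    room = simulate(seed=7)
    print("blocked repeat hits:", len(room.blocked))
    print("queue order:", room.order())
    print("mean position of earliest arrival:",
          round(mean_position_of_first_arrival(2000, seed=1), 2))
```

With 11 distinct devices in the pre-event room, the earliest arrival lands on average in the middle of the queue, the same as every other early arrival.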
During ticket purchase
Credit card fraud
Multiple purchases, exceeding limits
IP Address
Header & User Agent Information
Cookie Browser
200+ Attributes of data
Navigator, WebGL, Plugins, Audio, Video, etc.
Tamper proofing layer
Distil Hi-Def Fingerprint
Identification Must Go Beyond the IP Address...
StubHub Case Study
Account Takeover and Fraud
“Distil helped us greatly reduce
transaction fraud and account
takeovers.”
Marty Boos
CIO, StubHub
StubHub Case Study
Ticket Scraping
“Competitive data mining for
ticket prices and inventory
information was a constant
threat.”
Marty Boos
CIO, StubHub
StubHub Case Study
Skewed Conversion Tracking
“The number of conversions were
greatly deflated because of bad bot
traffic. Now that we’re filtering bad
bot traffic out, we’re able to see
what the real data is and make
decisions based on real visitors.”
Marty Boos
CIO, StubHub
StubHub Case Study Conclusions
In reference to the before, wait and buyer journey:
“I like this multi-layered approach”
George Loyer, Director
Technical Operations, StubHub
Free trial Free trial
www.distilnetworks.com/trial www.queue-it.com/free-trial

How bots impact major onsales [Webinar]
