Donately Leverages PerimeterX Bot Defender to Fight Fraud and Carding Bot Attacks

Download Case Study

Company

Donately is an online donation platform for nonprofits, religious organizations and social good causes. Founded in 2013, Donately has helped thousands of organizations raise money online with advanced and flexible capabilities and at an affordable cost. Donately processes millions of dollars a month, with over 1,000 accounts actively raising money at any given moment.

Problem

As a donation software service, one of Donately’s objectives is the security of all transactions. Nonprofit organizations are a common target for online fraud since they process large amounts of online donations. Nonprofits rely on Donately to reduce payment fraud and eliminate chargebacks related to carding attacks.

To avoid fraudulent transactions, Donately has always dealt with massive bot-driven attacks by blocking activity from locations where they didn’t expect user activity, such as Russia and the far east. Later the team started to see much larger numbers of fraudulent transactions coming from Brazil, a part of their natural territory. The ratio between fraudulent and legitimate transactions originating from Brazil sky-rocketed to 1,000:1, probably due to lax law enforcement in Brazil for credit card related fraud.

An increase in the sophistication of the bots coupled with the brazen attacks originating from Brazil made Donately look for a solution to help mitigate bot attacks and prevent fraudulent transactions.

“Fraud conducted by bots became a real problem for us. The team had to constantly deal with fraudulent transactions, sometimes in the middle of the night,” said Bryan Shanaver, CEO of Donately. “We always made sure to protect our customers’ donations, but we realized that we had to get help with solving this problem so we could focus our time on the capabilities we provide them.”

Learn more about Carding

We were spending a lot of time dealing with the bot problem and managing fraud resulting from carding attacks instead of adding functionality to our software and investing in our business.

Bryan ShanaverCEO at Donately

Solution

Donately needed a solution that would protect their system from automated bots to prevent fraudulent transactions, so they turned to PerimeterX. PerimeterX Bot Defender is a powerful, cloud-based and infrastructure-agnostic bot management solution for detecting and mitigating bots. The solution employs behavior-based analytics to detect anomalies and prevent sophisticated bot attacks.

"We searched around and compared the options, and Bot Defender looked like the best solution," said Shanaver. Bot Defender offered a range of features that were optimally aligned with the team’s requirements:

Accurate bot protection: Bot Defender protection on the checkout page enabled real-time mitigation of fraudulent transactions before they got to the payment service or incurred any chargebacks.

Open architecture: Bot Defender could be deployed anywhere within the existing infrastructure with no changes required.

Always-available security expert support: PerimeterX offers best-in-class service and responsiveness, fast deployment and 24/7/365 security analyst oversight.

Bot Defender

Result

By implementing Bot Defender, Donately realized compelling benefits:

A huge drop in fraudulent transactions in a short time: In three days, the number of fraudulent transaction attempts hitting their servers dropped from 100,000 to around 150.

A significant reduction of the time spent by Donately team on dealing with automated fraud: PerimeterX support helped Donately cut the time they spent on dealing with automated fraud and let them focus on their customers and capabilities.

Learn more about Bot Defender

In three days, we could see a huge reduction of fraudulent transaction attempts — from 100,000 to 150. Now our customers get three layers of security: Donately’s anti-fraud protection, Stripe’s payment protection, and the big umbrella of PerimeterX Bot Defender along with its always-available security analysts — a level of security that no organization can get with just a homegrown solution.

Bryan ShanaverCEO at Donately

© PerimeterX, Inc. All rights reserved.