Protects E-Commerce Against Bot and Magecart Attacks

Download Case Study

Company

Sally Beauty is the U.S. and Canadian brand of Sally Beauty Holdings, Inc., a global distributor and specialty retailer offering professional beauty products to both retail consumers and salon professionals with 5000+ stores worldwide. Sallybeauty.com is the e-commerce business for the Sally Beauty brand.

Problem

Sally Beauty leverages Salesforce Commerce Cloud for its online store, as part of its omnichannel retail strategy. As the site gained popularity and transactions increased, the finance team started to notice significant spikes to the tune of thousands of dollars per hour in fees for declined cards and was impacting the company’s bottom line. The card-not-present (CNP) fraud costs, incurred for every transaction, were specifically card pre-authorization, address verification service and payment gateway fees.

The finance team recruited the security team to investigate. A detailed investigation revealed that high volume card testing was being performed on the website. Carding bots were highly active, where automated tools were cycling through stolen credit cards on the website to test for validity.

The security team partnered with the e-commerce team and the development team to find a solution. Sallybeauty.com was using the built-in WAF support from Salesforce Commerce Cloud, which was not sufficient in combating the carding attacks since the attacks evolved rapidly and the rule-based approach fell short. The company needed something more robust and consistent to fight carding bots without having to expend resources from the security team or the web technology team. The solution had to integrate easily with Salesforce Commerce Cloud.

In addition, mitigating digital skimming and Magecart attacks was top of mind for executive management as news about Magecart attacks on online retailers made headlines. Protecting user personally identifiable information (PII) and credit card data was a top priority.

Learn more about Digital Skimming

In just one hour of one day, if we had not had PerimeterX Bot Defender in place, we would have seen about 34,000 hits on our backend payment processor. That’s about $3,100 (in fees) in just an hour.

Lee TarverSenior Manager of Information Security Architecture and Engineering

SFCC - Storefront Reference Architecture Certified
PerimeterX products directly integrate into your Salesforce Commerce Cloud store using certified Cartridges, your digital storefront is protected from login to check out, stopping unwanted bot traffic and client-side attacks.

Solution

Sallybeauty.com recognized that its charges related to fraudulent transactions were an escalating problem impacting the costs associated with payment processing. The PerimeterX Platform addressed the needs of Sallybeauty.com to develop its strategy for combating carding bots and Magecart threats.

No infrastructure changes: PerimeterX Bot Defender fit seamlessly into the Salesforce Commerce Cloud platform used by Sallybeauty.com to combat sophisticated carding bots. The ability to implement Bot Defender without coordinating efforts between application owners and infrastructure providers was a huge plus for the team.

Accurate detection: Rules-based technology was known to be insufficient to combat all bot attacks especially with the growing sophistication of bots. Bot Defender, with its behavior-based bot management technology, was a complete solution with the ability to combat the growing sophistication of bot attacks.

Comprehensive coverage: The combination of Bot Defender and PerimeterX Code Defender provided a comprehensive solution for bot attacks and addressed the growing concern of Magecart attacks. Code Defender provided a complete and automated solution for detecting malicious activity from third-party scripts that could unknowingly leave their website vulnerable. Sallybeauty.com was able to safeguard their customer data by leveraging Code Defender.

Bot Defender

Result

Sallybeauty.com was able to safeguard its website from automated attacks leveraging Bot Defender and Code Defender.

Reduced digital CNP fraud from automated attacks: Prior to their installation, the team witnessed a carding attack that had a volume of 34,000 hits within an hour hitting the payment processor, costing them over $3,100 per hour in fees alone. This didn’t include the potential additional fees such as chargebacks and risk fees. With Bot Defender implemented during a similar attack, they saw a 97% reduction in bot-driven CNP fraud costs.

Ongoing protection without additional overhead: The comprehensive and automated approach of Bot Defender enabled Sallybeauty.com to stay on top of potential threats and all bot types. The blind spot of bot traffic was eliminated, and they were able to determine the malicious bot traffic versus the good bot traffic.

Reduced risk of digital skimming attacks: Code Defender helped the Sally Beauty team to save on significant resources by automating the detection o potential Magecart threats. Sallybeauty.com reduced resources and the risk to it reputation by detecting and monitoring coding vulnerabilities where scripts coul hijack customer data and jeopardize the customer experience.

Learn more about PerimeterX Platform

We can now do what normally takes more than a half a day in a matter of minutes.

Ricardo Medina Information Security Operations Manager

Secure Your Digital Business with PerimeterX

  • Accurate Threat Identification Icon
  • Accurate Threat Identification

  • Using machine learning and behavior-based analytics, PerimeterX solutions detect and block automated bot attacks and client-side threats with unparalleled accuracy. Your online business is protected while preserving user experience and page response times.

  • Fully Compatible Integration Icon
  • Fully Compatible Integration

  • PerimeterX is cloud-based and platform-agnostic. Using machine learning, we constantly update our library of attack patterns based on interactions with applications, fingerprints from devices and network characteristics to protect against the next new threat.

  • Frictionless Customer Experience Icon
  • Frictionless Customer Experience

  • To keep watch over your web and mobile applications and APIs, PerimeterX functions as an extension of your team and provides responsive, best-in-class service and around-the-clock security analyst oversight.

© PerimeterX, Inc. All rights reserved.