Case Study

Industry-Leading Airline Case Study

By Netacea / 10th May 2019

Industry-Leading Airline Case Study

Preventing Bad Bot Traffic for an Industry-leading Airline

Airline Customer Profile:

Well established, publicly listed, an industry-leading airline that aims to provide highly competitive experience to its customers through the mobile app and website.

  • Billion-pound business.
  • Operates over 100 destinations throughout Europe.
  • High profile target within the industry.
  • Over 10,000 employees throughout Europe.
  • 100m passengers flown annually.

“Working with Netacea has strengthened our overall cybersecurity posture. In partnership with the Netacea team, we can now inspect automated traffic in real-time and make informed decisions about the mitigation action we want to take.”

– Head of Cyber Security

Client Challenge – Bot Mitigation Traffic Challenges

An industry-leading airline had been using a global cybersecurity brand to help solve their bot mitigation traffic challenges. Following initial success, it became apparent that the techniques used were failing to mitigate the re-emergence of sophisticated and persistent bots to the detriment of legitimate user experience.

“$6.5 – $7 billion lost per year to Account Takeover attacks.” – Forrester

Solution: Intent Analytics

In a series of consultative workshops with Netacea’s team of data scientists, it was discovered that the global cybersecurity brand was using legacy techniques such as JavaScript and other static ruleset-based approaches, that were easily circumvented by threat actors. The Netacea team collaborated with the airline to define a solution that tackled the immediate problem, would adapt to mitigate changing threat behaviour and would evolve in-line with the company’s growth.

Netacea Airline Risk Dashboard Profile
Netacea Dashboard – Risk Profile

Seamless user experience improves airline’s bottom line

The airline was experiencing re-emerging automated traffic challenges, including credential stuffing, account takeover, fake account creation, carding and website scraping. The result was a direct and indirect loss in revenue, the implementation of manual mitigation processes and an increasingly poor experience for legitimate customers.

Recognising the catastrophic impact of automated traffic on the business’s bottom line, the airline’s board prioritised tackling the issue. It identified the urgent need to prevent severe reputational damage and plummeting share prices in the event of a data breach; not to mention GDPR fines of up to 4% of the airline’s global annual turnover.

“In 2018, there were 53,308 security incidents and 2,216 data breaches from 67 contributors across 65 countries.” – Verizon

It was vital to the airline that Netacea could provide a strategic solution with speed, agility and transparency to inform future decision making and fundamentally improve the experience for legitimate users.

Rapid & Accurate Detection Using Intent Analytics

Netacea’s Intent Analytic’s engine complements existing controls such as WAF rulesets, rate limiting and threat databases that leverage machine learning to provide a deep analysis of all website visitors, empowers the airline with a comprehensive understanding of bot and human behaviour.

Netacea’s innovative technology has immediately reduced the amount of manual password resets the airline needs to perform on customer accounts, lowered excess infrastructure costs incurred to accommodate bot traffic and reassured the airline that their assets are secure.

“We saw an immediate reduction in automated traffic that instantly improved website and app performance for human users. This subsequently lowered our ongoing infrastructure costs and risk, allowing us to focus on our strategic initiatives.”

– Head of Cyber Security

Smarter Bot Management

Intent Analytics, Netacea’s machine learning engine, now provides the airline with a sophisticated solution to the increasingly complex bot challenge, as threat actors defer from web-based attacks to the often-overlooked mobile app and API threat vectors.

It is crucial that the airline focuses on securing these vectors, as increasing app users and facilitating partner integrations via APIs is inherent to the ongoing success of the business. With Intent Analytics placed at the API layer, our detection technology is not in the threat actor’s realm, they do not interact with the engine itself and our solution cannot be reverse-engineered.

About Netacea

Netacea provides an innovative bot management solution that solves the complex problem of account takeover and malicious bot activity for their customers, in a scalable, agile and intelligent manner, across websites, mobile apps and APIs.

Our Intent Analytics engine is driven by machine learning to provide deep analysis into all traffic to your site. This gives us an incredibly fast and accurate understanding of human and automated traffic behaviour that enables us to adjust their website journey in real-time.

With machine learning at the heart of our approach, our technology provides an innovative and profoundly more effective alternative to the traditional ‘black box’ or JavaScript reliant solution that is configurable to your environment and adapts to changing threats.

View the Netacea Solution Brief to learn more about our machine learning approach to bot management or sign up for a Free Bot Management Trial to demo and test the solution on your website or mobile app.