A self service online Artificial Intelligence (AI) & Machine Learning (ML) traffic management platform that increases ROI, protects traveler Personally Identifiable Information (PII) and helps meet PCI compliance by mitigating malicious bots and human fraud before they can infiltrate your ecosystem.
As the travel industry begins its journey back towards pre-pandemic levels, the industry must deal with unprecedented challenges relating to cybersecurity priorities that have been understandably neglected. Agility in an unpredictable market requires malicious bot management investments to be made in robust, easily implemented and resource efficient solutions like Pristine Traffic.
Residing at the edge of network, our travel bot and fraud mitigation AI engine reads your weblogs and performs multi-factor authentication on each site visitor and bot, comparing them to our database and categorizing which bots are visiting your site and why.
Your verified access list (your "pristine traffic"), a key component of our travel bot and fraud mitigation system, determines which bots and human traffic sources can visit your site and by auto-generating blocking rules we're able to stop the bad bots before they reach your website.
Our travel bot and fraud mitigation Machine Learning engine provides you with the real-time insight you need to optimize your sales pipeline to ensure that the only traffic coming to your site is "pristine traffic".
Filtering Your Unwanted and Malicious Bot Traffic So That Only “Pristine Traffic” Remains
Very simply, we provide you with a dedicated travel bot and fraud mitigation subscription service that only allows the bot visitors you want onto your web site, so you can deal with the others. Once you have locked down your website to prevent these unauthorized bot visitors, they won’t be able to report any vulnerabilities back to the cybercriminals. While our service can’t protect you from every single attack, it is a cost-effective and vital first layer of protection. Just like the car thief – they will move onto an easier target.
our self service travel bot and fraud mitigation platform offers…
Pristine Traffic is a month-to-month travel bot and fraud mitigation service and may be cancelled at any time prior to the next month's billing.
Pristine's travel bot and fraud mitigation provides automated protection for customer websites and APIs from potential malicious bot threats 24/7
All visitor traffic is run through our travel bot and fraud mitigation machine learning, multi-factor authentication engine. This ensures that unauthorized bots are blocked and potentially malicious bots identified at the network edge, before they reach a website. What remains is a site's "Pristine Traffic".
Our travel bot and fraud mitigation system allows companies to ensure they have comprehensive policies in place across all internet visitors - both human and bot
Pristine's travel bot and fraud mitigation platform utilizes customized ML models to feed into visitor analytics across the enterprise
Pristine Traffic works seamlessly with Content Distribution Networks (CDNs) and Firewalls, such as Amazon AWS CloudFront and Cloudflare without an install.
travel bot and fraud mitigation platform integration is at the edge of the network, with your existing WAF, DDos and other security layers.
Our travel bot and fraud mitigation platform saves on CPU and hosting / bandwidth requirements due to blocking unwanted Bot traffic.
Supports real-time automated travel bot and fraud mitigation and bot detection with full Access and Identity Management for Bots to clean up legacy access control lists
Out-of-Line platform (edge of Network) that causes no network slowdowns, and doesn’t add another layer of risk, or require major infrastructure changes e.g. DNS
Our travel bot and fraud mitigation platform ensures you never block a good bot again
An Increase In Malicious Activity Generally Coincides With An Increase In Travel Demand
Cybercriminal activity in the travel sector is anticipated to spike as the industry begins to recover from the pandemic. As bookings increase, hackers will be increasing their site crawling activities, looking for vulnerabilities and easy targets.
Recovering from attacks is time-consuming, resource draining and costly during normal times. With many travel organizations facing financial difficulties, cybersecurity neglect is bound to catch up with many of these organizations.
Price Scraping…A Double Edge Sword
Web scraper bots collect pricing and fare information. This activity is both beneficial and harmful to travel companies.
On the one hand, travel organizations benefit from these scraper bots. Aggregation and booking sites employ these bots to automatically obtain pricing and fares from participating travel sites. Increased bookings from these aggregation sites represent a substantial revenue channel for many travel companies. With revenue based upon the aggregation site’s sales performance, organizations can defray direct sales costs.
On the other hand, competitors also utilize web crawler bots to obtain price comparison data. This makes it easy for rivals to steal customers by offering lower price alternatives, undercutting special offers and garnering auxiliary sales that they would not otherwise make .
Availability Scraping…Similar To Price Scraping But With Additional Problems
Not only do web scraper bots collect pricing and fare information, they also collect availability information. This activity is both beneficial and harmful to travel companies.
The Benefits. Web scraper bots provide authorized aggregation and booking sites the ability to automatically obtain availability information from participating travel sites. Many travel companies rely upon these sites for bookings.
The Threats. Competitors and hackers use web crawler bots to not only obtain availability information, but also to damage a brand’s reputation and customer experience by holding reservations, reducing availability and slowing the booking reservation engine.
How Malicious Bot Attacks Work
Hackers will deploy generalized bots, which perform a scan of a website and online infrastructure looking for vulnerabilities they can penetrate. On the surface, these “crawler bots” appear harmless, behaving in a similar manner Googlebots. They simply crawl a site, page by page reviewing its content. This first stage, reconnaissance work, enables cybercriminals to automate their penetration testing in bulk. The resulting vulnerabilities are categorized and targeted through custom bots designed to penetrate the specific vulnerabilities.
Attackers use generalized bots to crawl websites in bulk. They simply load domain names into their crawl scripts. These scripts automatically identify and catalog site vulnerabilities. The bots move on from sites they cannot readily penetrate, those without easily identifiable vulnerabilities. This allows hackers to focus their attention on the easier targets.
Cybercriminals don't initially target specific sites. For travel attacks, hackers may have lists of hundreds of thousands or even millions of traveler card details. They'll target travel sites' reservation pages and payment gateways in an attempt to gain access to traveler accounts and to test which records in their database are valid.
Airlines, hotels, cruise lines, ride share companies and the entire travel industry is under constant threat from malicious activity including…
A form of ID theft, ATO's access a site's accounts by credential stuffing in an attempt to obtain PII data and steal loyalty program data such as reward points and air miles. ATO's activity includes:
Password Re-use
using the compromised password from one site on another site
Credential Stuffing
bulk attempts to gain access to user accounts)
Malware
that interferes with user sessions
Remote Access
gaining control of a user's device
Induced Payments
users are tricked into initiating a fraudulent payment
When successful, ATO's are very costly for a healthcare organization to resolve.
Stolen credentials, linking username and password combinations, from a previous data breach are loaded into a credential stuffing tool and deployed against a specific travel website to see which combinations work. Even with minimal success, the hackers manage to take over a large number of accounts.
Bots are used to detect email addresses contained on a site's webpage copy. Next, the bots will attempt to determine the organization's email format by examining the email records. For example: [email protected]. If successful, the bots then gather the names of the organization's employees from the about us, contact us and staff pages. From there it's easy to automatically compile a directory of the organization's employees and their emails. These emails are bulk validated through readily available, inexpensive third-party services before the emails sent. This simple, automated process allows cybercriminals to launch successful phishing attacks.
Travel sites are full of products, services, incentives, advertisement, downloadable content, warnings, tips, resources and advice. Bad bots can scrape all of this content for malicious use. Attackers can steal a site's information and sensitive data. Not only are these bad bots stealing proprietary data, the activity sucks up the site's bandwidth. This, in turn, slows down the site's performance, which can cause downtime and additional overhead if not blocked.
Content scraping bots often create fake registrations and form fills. These need to often be purged manually, increasing customer support and administrative costs.
When malicious bots are aggressively deployed against a travel site, the site's performance is impacted, as pages take longer to load. As a result the customer experience is compromised, damaging the site's brand reputation and lost revenue, as well as negatively impacting the site's SEO rankings.
This practice involves a hacker holding tickets for a period of time to see if they can resell them for higher margin.This prevents real customers from being able to purchase the same tickets. This tactic is used as a type of denial of service attack as well.
Traveler portals provide a communication ecosystem, connecting travelers and their Personally Identifiable Information (PII) to the travel company's network. Inadequate defenses against malicious bot activity can flood the portal with authorization attempts which can overload it, leading to declined access, compromised records, posting inaccurate transactional information, record editing or record deletion.
Smaller Travel Organizations.
Smaller travel organizations are particularly susceptible to data loss as a result of malicious attacks because they use cloud-based services with remote back-up systems to protect from accidental or intentional deletion.
Compromised Passwords.
Compromised passwords increase the threat of sensitive healthcare data theft. The threat from cybercriminals who are actively looking to exploit travel data is a significant concern.
Payment gateways are the conduit to the merchant account provider or bank. They're designed to make the acceptance of credit cards, debit cards and alternative forms of payment easy for the travel site to accept. Inadequate defenses against malicious bot activity can flood the payment gateway with authorization attempts which can overload the gateway, leading to declined transactions, lost revenue, disputes, cancellations and damage the customer relationship. In extenuating circumstances, the gateway provider, processor or bank can suspend or even terminate the organization's accounts.
Look-To-Book ratios measure the number of people visiting a website compared to those who make a purchase. Scraper bots increase the number of web requests which negatively impacts this ratio.
DOI attacks are most commonly targeted towards travel industry. An holds back an item from inventory (tickets, reservations, bookings, etc) but they're not going to actually complete the purchase.
Human Impersonation.
In a DOI attack, the bot pretends to be a customer, creating a reservation, but rather than paying for it, the transaction is on hold, for up to 20 minutes typically, allowing for time for the perceived customer to complete payment.
The hacker uses this 20 minute hold period to try and resell that booking by marking up the price on another site
Simultaneous Bot Attacks.
By utilizing multiple bots simultaneously, the hacker increases chances for success, by account for reservations they weren't able to resell within the holding period.
Bots React Faster Than Humans.
These DOI attacks get even worse. Since the bots react faster than any human can react, the hacker is able restart the whole process again.
Once Pristine Traffic is active, your dashboard allows you to easily see all the legitimate activity of the bot visitors. After activating your verified watch list, Pristine Traffic begins blocking unwanted traffic and fake bots. Utilizing our Ai and ML engines, our platform ensures bad bot visitors are stopped and pristine traffic, good traffic allowed in.
