Arkose Labs Helps Social Networking Site Reduce Web Scraping

Overview

The client is a major social media platform with more than 600 million users and a prime destination for networking, sharing content and job postings, among other things. It is a well-known and trusted brand among its customer base, however that same popularity has made it a major target for fraudsters looking to steal information from the platform.

The Business Problem

This large social networking site was facing a major issue where fraudsters would employ bots at scale in order to scrape information from the public profiles of real users. For fraudsters, this information could then be used for malicious reasons, such as to create synthetic identities or launch targeted phishing scams. The platform needed to ensure it was protecting its users from downstream abuse.

Additionally, user information is core to the business’ commercial viability. Offering products to third parties based on access to user information is the source of revenue for the platform. Therefore, anyone disseminating this information for their own purposes was in fact depriving the networking site of potential revenue millions of dollars. That’s why it was so important for the platform to protect itself from this large-scale scraping of public profiles.

They had to ensure that any solution would not impact the experience of good users. This meant that they needed a scraping solution that would not simply block any traffic that might appear suspicious, but rather a more nuanced approach. They needed to better differentiate between automated scraping and good users who represented future revenue-generating customers. This was critical in order to protect consumers from downstream abuse that was fueled by the information gathered on their platform from the mass scraping.

The Arkose Labs Solution

The social network decided to deploy Arkose Labs on their website in order to detect automated programs carrying out scraping activity and prevent malicious activity. When Arkose Labs detects potentially suspicious behavior – for example if one session viewed multiple user profiles, without logging in as a recognized user – they were presented with an enforcement challenge. Proprietary, interactive challenges are made using 3D visuals rendered in real time, with countless possible variations. These are designed and tested to ensure that all automated attacks fail, are resilient to being solved en masse by computer vision technology, and are resilient to large-scale human-driven attacks. Incrementally complex challenges are presented to bad actors attempting to gain information from the public profiles, in order to sap their time and efficiency and erode the potential profitability of attacks.

Legitimate users who may see a challenge, however, were able to quickly and simply solve them with no negative implications for the overall user experience. By preventing bad actors from carrying out scraping at scale, this eliminated the ROI of these attacks and led to attackers abandoning their efforts against the platform.

Demonstrated Results

• 19% uplift in good user throughput
• Greatly reduced instances of false positives.
• 22% reduction in scraping
• Millions of dollars of potential revenue protected
• Vastly improved experience for good users.