Deindeal Customer Story

Blocking Unwanted Automated Traffic

Deindeal company logo

Deindeal was founded in 2010, is now one of the largest e-commerce portals in Switzerland and is part of the Ringier group. The company has received numerous awards for its business, including the prestigious Swiss E-Commerce Award. Its range of products includes exclusive brand products, travel deals and local deals - all with high discounts.

Having a WAF with bot detection built-in worked well for us when we had a web-based platform. The browser gives you some context to help you to spot bad bots. Moving to APIs means that you have no context through which to identify automated traffic. It was clear that a new security solution would be needed for our API based platform.

- Alexandre Branquart, CIO/CTO & Co-Founder

The Challenge

Deindeal’s e-commerce business has grown fast, covering an increasingly wide range of product sectors, and the rising use of their mobile apps. As the company evolved its platform architecture, the team was very conscious that the introduction of APIs might expose the business to a new range of automated attacks via bots or scripts. Such threats, if successful, could directly affect revenue and profitability.

How Approov Mobile App Protection Helped

Approov was added to the Deindeal platform to specifically ensure that only genuine mobile app instances could use the API. This was directly to address the risk of scripts impacting revenue by impersonating app traffic - in order to scrape product data and then buy up high demand items, or to commit other fraudulent acts.

Implementing Approov into the Deindeal was straightforward. The token check was implemented at the edge of the network within the Cloudflare CDN in order to reject bad traffic as early as possible.

The Approov protection was deployed into production and monitored using the Approov metrics in order to ensure that everything was working as expected. Once it was clear that automated traffic was being identified correctly and that the inclusion of Approov had zero impact on the customer experience, all bots and scripts were blocked.

Over time, adjustments to the applied security policies have been made via Approov’s over-the-air capability, making managing the deployment very efficient.

Alexandre has this advice based on Deindeal’s Approov experience:

Request a Demo

Give us 30 minutes and our security experts will show you how to protect your revenue and business data by deploying Approov to secure your mobile apps and your APIs

Get a Trial

Approov offers a complimentary 30 day trial (no credit card necessary) to give you immediate and valuable insight into the security risks of your mobile apps and the devices they run on.