SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Exploring the role & impact of bots in eCommerce

Today

The role of bots in eCommerce has been explored in a new article by Shira Itzhaki, Head of Identity and Bot Protection at Forter, which sheds light on the distinctions between beneficial and harmful bots.

A bot, as explained by Itzhaki, is a software application that performs automated tasks ranging from filling out forms to extracting personal information from websites. Bots date back to the 1960s with MIT's ELIZA, which simulated conversation patterns. Subsequent bots like PARRY and Jabberwacky expanded the field by being utilised in healthcare and academic research respectively, eventually making their way to the internet.

Though bots have become essential in facilitating eCommerce tasks, distinguishing their intent—whether beneficial or malicious—remains a significant challenge. Shira Itzhaki states, "Good bots have been primarily categorised as malicious, engaging in harmful activity such as penetrating websites to steal inventory, testing stolen credit cards, or executing credential-stuffing attacks." The emergence of Generative AI (GenAI) technology introduces 'good' bots that enhance business operations, such as finding affordable flights or automating household purchases.

Itzhaki elaborates on how these bots are being integrated into consumer experiences through online shopping. GenAI technologies enable bots to not only restock household items but also assist retailers in optimising pricing and promotions based on demand data, therefore delivering personalised experiences to customers.

Conversely, the rise of bots-as-a-Service has catalyzed the development of 'bad' bots. "In 2023, bad bots accounted for 32% of all internet traffic," according to Itzhaki. These bots are often sold on the dark web to assist in committing fraud by taking over consumer accounts or purchasing high-demand products to resell at inflated prices.

In addressing bot detection, Itzhaki questions the efficacy of CAPTCHAs in differentiating between malicious and beneficial bots. "CAPTCHAs serve a singular purpose: to determine if a user is a human or a bot," she says, arguing that this method falls short in a business landscape increasingly relying on helpful bots.

To effectively distinguish between good and bad bots, retailers are urged by Itzhaki to adopt identity intelligence. By using these systems to accurately identify each interaction—whether from a genuine customer, bad actor, or bot—the shopping experience can be improved.

Itzhaki recommends that retailers should implement identity intelligence tools throughout the digital commerce journey, collect comprehensive data on user activity, and ensure collaboration between bot and fraud experts. "Using identity-level intelligence, fraud and bot detection teams can distinguish between humans, good bots and bad bots – resulting in stronger bottom lines and an enhanced consumer shopping experience."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X