The fintech neobank has grown rapidly in popularity and grew its customer
The Business Problem:
However, this digital convenience also led to numerous attacks on the platform. As the platform skyrocketed in popularity, fraudsters targeted the growing number of user accounts. At its peak, the company was seeing about 30,000 failed login attempts per day; the vast majority of these were credential stuffing attacks seeking to compromise customer accounts. This massive amount of requests also put a great strain on the platform’s tech infrastructure. In order to commit credential stuffing attacks as fast as possible, fraudsters would deploy bots that would directly target back-end API services. By bypassing web forms and talking to back-end servers directly, fraudsters could write more simple scripts that would allow them to carry out attacks at greater volume and velocity. Fraudsters would then drain the funds of customers whose accounts were compromised.