Safeguard the Retail Customer Experience on Google Cloud

The top concerns of retailers surveyed were account takeover and credential stuffing attacks,³ primarily driven by malicious bots. With help from generative AI, bots can begin using reconnaissance to guess passwords in addition to simple password spraying to take over a customer account and make fraudulent purchases.

But that's not the only type of bad bot. These malicious programs are also troublesome for e-commerce:

• Scraping bots that continuously crawl websites to extract competitive data such as pricing, often causing site outages and degrading user experience.
• Reseller bots that buy up products en masse to resell at higher prices, leading to stock shortages and lost sales for genuine customers.
• Fake review bots that distort product perception by posting fabricated reviews, which impact customer purchasing decisions.

While widely used, traditional defenses such as CAPTCHAs are no longer sufficient as bots have evolved to bypass these measures with ease. Researchers found that bots solved distorted-text CAPTCHA tests correctly nearly every time, whereas human accuracy ranged from 50% to 84%. Humans were slower than bots, needing up to 15 seconds to master the challenges compared to less than a second for bots.⁴

Not only are many CAPTCHAs ineffective, but they also add friction for customers, risking frustration and abandonment.