Snapchat Identifies Critical Risk & Shows Direct Savings with AWS & Arkose Labs

Summary

With more than 300 million users, Snapchat—a holding company of Snap Inc. and leading social network platform—has one of the largest demographics of young users on the public internet, making it a highvalue target for cyberattacks. Snapchat is committed to protecting customers from virtual threats and creating a friendly interface that does not interfere with the legitimate user experience. To do this, Snapchat adopts a systematic approach to cybersecurity, aiming to understand the user’s perspective and employing engineering metrics to measure the platform’s security.

To secure websites and applications like Snapchat, Arkose Labs utilizes the full suite of Amazon Web Services (AWS), including data center locations to help secure digital assets and APIs around the world. With Arkose Labs and AWS working in partnership, businesses like Snap Inc. are able to protect its application stack while finding a superior user experience for customers.

The Business Problem

Snapchat was looking for a solution that would enable its security team to improve the overall posture for end users and remove bad actors from the platform, while also demonstrating direct cost savings for the business. Snapchat was also looking to prove value in the detection of critical risk and the reduction of fake accounts being created then locked. It needed a way to initiate a risk score and perform challenge orchestration, to understand how a particular session should be treated—and to substantially reduce latency.

Snapchat began to question the overall effectiveness of the security solution it had used for more than a year. After considering the option of building inhouse defenses and utilizing open-source challenges, Snapchat was introduced to Arkose Labs and realized its potential to provide a viable path to protection with fewer operational burdens for the Snapchat team.

The Arkose Labs Solution

According to Nick Reva from Snap Inc., the company relies on data rather than intuition when making decisions about security. As a result, Arkose Labs conducted a three-and-a-half-week Proof of Value (POV) with Snapchat to assess the effectiveness of the security platform. As part of this process, Arkose Bot Manager ran in an observatory mode in which it would risk score transactions without taking action. This was done for a portion of the time, then flipped. At that point, Snapchat looked at the metrics for high risk, where user sessions that resulted in a critical risk score were evaluated.

Snapchat benefited from Arkose Bot Manager’s detection of potential risk and decreased the number of fake accounts. Our risk signals, also known as “telltales,” helped the Security Operations Center (SOC) and the Snapchat security engineering team profile traffic and identify fraudulent behavior quickly. This enabled them to take defensive actions with confidence.

Snapchat was impressed with the managed security services and SOC support provided by Arkose Labs, a level of engagement it had yet to experience with a security provider. Arkose Labs assigned an account management team and a dedicated security analyst, familiar with the Snapchat environment, as well as a solution architect focused on security. This enabled Snapchat to have access to a 24/7 Security Operations Center run by Arkose Labs, which was constantly monitoring user traffic. Through the partnership, Arkose Labs customized the playbook for Snapchat while also empowering them to co-write it, providing a level of interaction not typically seen with other security vendors.

Arkose Bot Manager, in combination with AWS WAFv2 and AWS CloudFront, significantly enhances security for customers running on AWS by leveraging advanced bot detection and mitigation from Arkose Labs alongside AWS’s native security capabilities. AWS WAFv2 provides customizable rules and managed rule groups for bot control, allowing for precise traffic filtering and real-time threat response. CloudFront’s global content delivery network and built-in DDoS protection (AWS Shield) ensure secure and efficient traffic distribution, SSL/TLS termination and edge security. This integrated solution ensures that malicious traffic is identified and blocked early, protecting web applications from bot attacks and other threats while maintaining high performance and availability.

The Results

Snapchat experienced a rich, comprehensive response with Arkose Labs, with more than 80 data f ields presented. This enabled Snapchat to internally classify risk into high and medium categories. Arkose Bot Manager was able to identify a substantially higher number of dubious login attempts on the web, dramatically reducing critical login attempts.

Leveraging Arkose Bot Manager to reduce fake accounts helped Snapchat save dramatically on security costs. By reducing fake accounts, as well as sign in and sign up, Snapchat reduced the volume of SMS messages being sent for account verification and account challenging. If an account is created and a phone number used, and an SMS is sent, Snapchat pays for that message. When bad actors use premium numbers, this problem becomes expensive—dozens of cents per SMS, as many of these fraudsters come from countries with high SMS costs.

Through the AWS partnership, Arkose Labs was able to create a system that is highly available, responsive, and capable of handling network and system failures at a very high scale. As a result, Snapchat was able to prevent fraudsters from entering the funnel and creating accounts, thereby reducing the amount of SMS verifications needed.