

Beating sneaker bots has become a battle of increasing intensity in the last few years, infuriating brands and customers alike.
The automatic nuisance called sneaker bots were firstly built to automate the purchase of mass quantities of sneakers for hoarders and collectors, who will then resell them at x-times the retail price, only for ordinary customers to find it almost impossible to find a pair available online.
It is infuriating online shopping experiences and damaging the reputation of brands by resignedly signaling the “out of stock” sign to online customers.
Like weeds when gone untreated, the spread of sneaker bots has outgrown their original purpose and has spread across the entire ecommerce environment. They are no longer confined to sneakers; apparel brands, airlines, event ticket sites, ridesharing platforms — all have become the terrain for these bad bots.
The scale of the problem is highlighted with the statistic that last year sneaker bots made up 1/4 of total website traffic. And the majority of traffic is driven by mobile.
What is there to be done?
Firstly, brands that host their websites on Salesforce Commerce Cloud put themselves in a strong position provided that they utilize the strong safety functionality of the ecommerce platform.
Secondly, brands and retailers are able to protect their mobile apps, and prevent devs who create sneaker bots from being able to use them. Fortunately, this is fairly simple to do. There are a bunch of security methods that can prevent the development of bots that target ecommerce apps. Security methods — including app shielding and app hardening, simulator and emulator prevention, targeted encryption and debugging prevention — block potential pathways for bots to journey down.
If these are security methods that you have not implemented, or are considering implementing post-app release, it’s very important to get this done and release a new app as soon as possible, to help strengthen your defenses. Because it’s like building a fort around your castle only after the enemy has entered the defenceless area.
It’s worth noting that one of the least effective methods that may sound like an obviously useful tool is identifying bundle IDs in order to block them from purchasing from your site. The bundle IDs of sneaker bots are easily changed — and in fact many change automatically — which makes going after them a bit like poking a hole in a dam, or for another to appear, and then another one, until all your fingers are occupied.
PS: ArganoUV is one of the world’s leading Salesforce Commerce Cloud tech teams. Contact us to see how we can work together.