The Impact of Bad Bots on Airline Websites

The travel industry and airlines are identified as one of the most susceptible sectors to automated website threats, and, they are one of the most likely business sectors to be scraped. Web scraping or screen scraping is an alarming risk; it is probably the biggest threat to airlines and travel websites.

Web scraping is a process of extracting data from web pages using bots to refurbish it on other websites. Many online businesses are losing sales due to scraping, and yet same companies are often unaware that they have been victims. With airlines companies, it is the real-time prices that are scraped by competitors to do competitive pricing.

For example, we saw rampant scraping happening mostly during the sale seasons with bot traffic reaching 60% of the overall traffic on a regional airline company whom we were protecting from automated threats.

According to our recent report, more than 50% of all traffic on the web is generated by bots. Some website owners may get excited when they notice a sudden increase in visitors to the website. Most of the website visitors are not human but are instead bots, and not all bots are good. Competitors or bad actors employ these bots to scrape your pricing data, content and product or service information so that they can defeat you in the competition.

Despite the industry losing billions of dollars to scrapers, how to overcome the airline scraping problem remains a controversial subject for most large airlines.

Bot Challenges for Airline Websites

• Unwanted GDS queries – unwanted bot queries for flights can cause unnecessary charges on your airline websites. Price displayed on the airline GDS will significantly be increased due to the fake queries made by bots. Unwanted GDS queries can also be used to scrape prices of flight tickets by your competitors. These fake GDS queries can never let you generate a legitimate booking.


• Airline Price Scraping - The primary objective of an airline website is to get maximum flight bookings. While your team is dedicatedly working to achieve this very objective, your competitors will engage in competitive pricing tactics by employing bots to check various flight routes and their prices. This inflates flight costs on your website. Ultimately you will lose your genuine customers from booking flight tickets on your site.


• Spinning (Seat holding) – Malicious bots check for available seats on an airline website and hold or block all of them in the cart without proceeding to payment so that those seat availabilities are not visible to your legitimate customers for some time. Due to seat holding, your customers may end up buying tickets from your competitor's website.


• Skewed look-to-book ratio - When excess web requests are made through bots, the look-to-book ratio will be artificially inflated, and it significantly increases airline’s prices. The other financial consideration in allowing third-party bookings is that the opportunity to drive ancillary (non-ticket source) revenue is lost.


• Loyalty points theft – Loyalty points or mileage points are a significant target for bots as they can quickly be converted to cash or used to book flight tickets. These loyalty points are being attacked by bots performing brute force attacks. Brute force attack is performed by bots to systematically try millions of username/password combinations until they get lucky and find one that works at victim site. As you know many people use the same credential to log in multiple sites. Thus bots can access all those sites without any failure.


• Infrastructure strain and downtime – Bots making unwanted queries and API calls can spike page requests, which results in unnecessary server costs. Millions of queries generated by bots spamming your website can overload and slow down your website. Now that your webpage is loading slowly, your legitimate customer would get frustrated and may visit your competitor’s site.

How InfiSecure Technology stops all automated threats on Airlines?

• Scrapers do not discriminate between low cost, ultra-low cost or full-service traditional airlines. Every airline company is a likely target for scraping. The profits available for the dynamic packaging of ancillary services such as insurance, hotels and car rentals are enough to motivate scrapers financially.


• The best way to control scraping is to block scraping bots from entering your airline website. InfiSecure provides the most accurate scraping protection for airline industry websites and protects your site against the most advanced persistent bots (which are hard to detect) in real-time.


• InfiSecure uses advanced behavioral fingerprinting technology which includes IP behavior analysis, user behavior analysis, device fingerprinting, centralized intelligence and machine algorithms to provide 24*7 protection against scraping and other automated threats.

Benefits of InfiSecure scraping protection

• Detects and blocks airline scraper bots in real-time, your airline website will no longer get unwanted and fake bookings.


• Stop competitors undercutting your price, stay ahead in the competition – InfiSecure stops disruptive scrapers from entering your airline website and protects your pricing data.


• Avoid non-human traffic to your website – airline scraping protection will only allow genuine human traffic on your site and increases your revenue.


• Improve KPIs and decision making - Now that you are differentiating between human and non-human traffic on your website analytics, the KPIs are represented properly and leading to better decision making.


• Reduces infrastructure cost – By blocking unwanted queries on your airline website, page loading speed will be increased, and infrastructure cost will be reduced.

InfiSecure airline scraping protection provides real-time protection for airline websites from all types of automated threats, or non-human attacks at any scale.