Coupert

Coupert blocks 3 Million automated attacks monthly and improves site performance

Coupert is an online shopping assistant that automatically applies coupons, cashback offers, and price comparisons to help its users save money. The company’s intelligent assistant identifies and validates coupons and other offers and seamlessly applies them during the checkout process. It has tens of millions of users located in 15 countries and regions distributed around the globe, including the United States, the UK, Germany, France, Japan, and Southeast Asia.

Automated attacks impair merchant trust and harm site performance

Previously, the company had a fragmented security stack that struggled to defend against automated attacks performing coupon abuse and API-focused attacks. These threats negatively impacted site performance, increased infrastructure costs, and harmed merchant relationships. According to Tyric, Coupert’s Head of Security, “Before Cloudflare, my team spent excessive time manually identifying and mitigating malicious behavior, and our traffic performance in Japan and South America was inconsistent.”

Cloudflare blocks bot attacks and enhances site performance

A surge in credential stuffing, scraping, and API abuse meant that bot-driven traffic accounted for 20-25% of traffic on Coupert’s reward APIs. These fraudulent transactions mimicked legitimate user behavior to earn cashback without performing genuine transactions. “We relied on a patchwork of Nginx rules, IP blacklists, and custom scripts to identify attacks,” described Tyric. “It lacked adaptability and didn’t scale as attacks grew more sophisticated.”

After alternative solutions proved insufficiently intelligent and scalable, Coupert deployed Cloudflare Bot Management and Advanced Rate Limiting to block the traffic. The company implemented custom API header-based rate limiting to block abusive login attempts, fake calls to cashback APIs, and malicious scraping attempts, decreasing malicious bot traffic by 75%. “Bot Management integrated seamlessly, provided precise threat scoring, and had 99% false positives,” commented Tyric. “We now have confidence in our detection without sacrificing user experience.”

In addition to the potential for fraudulent transactions, Coupert was also struggling with site performance for certain regions. “Poor content delivery performance in regions like Japan and South America negatively affected user retention,” recalled Tyric. Now, the Cloudflare CDN caches approximately 1 TB of data per day, reducing bandwidth utilization and load on the company’s origin servers, and static assets load 40% faster on average.

Enhanced security improves customer retention and infrastructure spending

Cloudflare WAF blocks over 3 million threats each month and has reduced average incident response time by 30% via single-pane-of-glass visibility and an intuitive user interface. By blocking malicious traffic and caching 1 TB of data per month, Cloudflare has reduced Coupert’s yearly infrastructure costs by 20%, enabling it to recover its ROI from investing in Cloudflare within 6 months. “Improved traffic performance, especially during high-traffic events, prevents user churn and reduces time spent by our security team on manual interventions,” said Tyric.

Planning zero trust and optimized fraud detection

In the next 18 months, Coupert plans to further enhance its security by deploying Cloudflare Zero Trust and to implement key capabilities on Cloudflare Workers. By moving logic-intensive features, such as fraud scoring, to the network edge, the company will optimize response times and enhance its ability to detect fraud in real time. “Cloudflare is not just a vendor — it is part of our core infrastructure strategy, helping us scale securely and serve users globally with confidence,” commented Tyric.