How to prevent website abuse with an email validation api

0
186

Freemium business models, where basic services are offered free of charge but advanced features are paid, comprise powerful pricing strategies for software-as-a-service (SaaS) companies and other online businesses.

MailChimp, for one, experienced tremendous success when it went the freemium route. The user base of the email marketing services platform increased by 240% within seven months. Notably because of the strategy, MailChimp never needed external funding yet has grown to become a multimillion-dollar company.

Alongside MailChimp’s success, however, are the challenges that come with the strategy. For example, spammers have taken advantage of the “free” portion of the services to execute campaigns with spammy email lists; a problem that the company took care of using artificial intelligence. 

But that doesn’t mean potential abuses stopped quite there. Read on if you want to learn about freemium abusers’ tactics, how they can affect your sales, and what an email validation API can do to help curb the problem.

Website Abusers Can Affect Sales

Companies serve freemium offerings or free trials to grow their user bases and increase sales. They hope that free users will like their products or services enough so that they end up paying for additional features (for freemium offerings) or extend their usage (for free trials).

Website abusers, however, always seem to find ways to use products or services without shelling out money. MailChimp’s free plan, for instance, only allows freemium users to send 10,000 emails to as many as 2,000 contacts. Should they exceed this limit, they need to sign up for a paid plan. But in an abusive user’s case, he/she can register for free again using another email address. We tested our theory.

  • We created a disposable email address.
  • We signed up for MailChimp’s free plan using the disposable email address.
  • We received a welcome email and activated our account.
  • After activating our free account, we designed our first email. It’s now ready for sending to contacts.

Our experiment showed that anyone can choose not to pay but still be able to send more than the maximum number of emails allowed in the free plan. All we had to do was sign up again with a different email address, which we can quickly obtain from temporary email address providers that abound online.

That translates to lost sales on MailChimp’s part, which can harm the company since it ends up spending more in terms of server and maintenance costs than it needs to without the prospect of earning revenue.

How Email Verification API Can Help Organizations

Freemium offering and free trial abusers tend to use disposable email addresses since these are easy to acquire. Therefore, the logical tactic to prevent this type of abuse from ensuing is to disallow the use of disposable or temporary email addresses. After all, if the client is legitimate and willing to pay in the future, it would use a real email address.

In our experiment’s case, the disposable email address we used to sign up for a free MailChimp account was indeed detected by Email Verification API.

What does this mean? Integrating an email verifier API into your signup page can serve as your first line of defense. Aside from detecting temporary email addresses, Email Verification API can also check for common misspellings and syntax errors. That way, customers who accidentally type the wrong email address in their registration forms would be alerted in real-time.

The email validation API also checks if the email address exists using a built-in email-sending emulation technique and Simple Mail Transfer Protocol (SMTP) connection check.

The ultimate goal of marketing is to increase sales and help companies improve their bottom line. But if one of its strategies contributes to loss of sales, then that’s not much of a marketing tactic. While offering freemium plans and free trials is effective in increasing one’s user base, additional measures should be put in place to prevent abuse.

Marketing teams should look into tools such as Email Verification API, which can nip abusers in the bud when integrated into signup pages. By only allowing users to register with real and existing email addresses, companies can prevent website abuse.

About the Author

Jonathan Zhang is the founder and CEO of Threat Intelligence Platform (TIP)—a data, tool, and API provider that specializes in automated threat detection, security analysis, and threat intelligence solutions for Fortune 1000 and cybersecurity companies. TIP is part of the WhoisXML API family, a trusted intelligence vendor by over 50,000 clients.