- Human Defense Platform
- New York City
- Washington DC
- Tel Aviv
This global airline used open source libraries and third-party code to build its website. The security team lacked visibility into the behavior of client-side code. This made it difficult to catch and fix script vulnerabilities, which could be exploited to conduct digital skimming and Magecart attacks that captured users’ credit card numbers, CVV codes, and other sensitive PII.
The airline had seen numerous high-profile Magecart attacks in the news, including an attack in 2018 on British Airways that resulted in some 380,000 users’ credit card details stolen and more than $20 million in fines for regulatory noncompliance. This airline knew it needed a solution to protect itself and its customers.
The airline needed a real-time client-side security solution that could detect risks in first-, third- and nth-party code across on their site. They realized that static scanning alone would be ineffective in finding and stopping client-side attacks, and a content security policy (CSP) solution would be too complex to manage.
After evaluating multiple solutions, the airline selected HUMAN Code Defender to protect their website from digital skimming, formjacking and Magecart attacks and help ensure data privacy compliance. There were several factors in their decision:
Code Defender helped the airline safeguard customer data by providing continuous protection against client-side attacks. This has resulted in several key benefits: