Jscrambler’s advanced script and form security protection ensures sensitive form data is protected and malicious scripts cannot load.

Download Case Study

Overview

This European airline is a global leader in air transportation that operates an extensive flight network connecting Europe to the world through its hubs in European capitals. With over 70,000 dedicated employees and a commitment to diversity, the airline serves millions of passengers across 300 destinations in 120 countries. A large portion of these passengers uses the company’s websites and mobile apps to book flights, check in online, chat with customer service, and redeem loyalty points.

Headquarters

Amsterdam

Jscrambler’s client

Since 2020

Industry

Travel

Use cases

Data leakage prevention

Challenge

The client’s decision to search for client-side protection technology was initially triggered by a credit card data breach at another airline.

Before implementing Jscrambler, the client relied on more traditional security processes that involved checklists and paperwork. However, this manual approach left room for vulnerabilities: “We had security people who could decompile libraries, but they were usually too busy to do it.”.

When the client’s team needed to go fast and add new scripts, innovation sometimes took priority, which meant they would find workarounds to circumvent the documentation-heavy process, leaving them potentially open to attack.

“Other solutions allow you to monitor cross-site scripting or visit CSP policies, but that’s all they do. They won’t protect forms. They won’t ask, “Is this sensitive data? Yes or no?” For us, Jscrambler was the best platform because they do it all.”

Download as PDF ➜

Information Analyst and Product Owner Mobile at Top European Airline

Solution

In search of a comprehensive JavaScript monitoring and protection solution, the client considered various factors, including features and cost. Jscrambler stood out as the only solution that met their security requirements.

The client was particularly impressed by Jscrambler’s Form Fencing feature, which offers fine-grained behavioral control over third-party tag access to form data based on high-level assumptions and user-defined rules. Unlike other solutions, Jscrambler allowed the airline to authorize or block scripts individually.

The company put Jscrambler’s Webpage Integrity solution to the test in multiple Magecart attack scenarios. They ran dozens of tests to see if the solution could detect if content was added, modified, or removed from pages illicitly (DOM tampering), if form events were poisoned, or if data was exfiltrated to a drop server. Jscrambler’s technology passed every single test with flying colors and outperformed all the other available solutions. Adding Jscrambler to a page had little to no impact on its performance.

“With most companies, you buy a product, you get support for one or two months, and then you’re on your own. But with Jscrambler, we meet regularly twice a month. We know when new features are coming, even if they haven’t been released yet because they’ll tell us about them on our call and ask us what we think. It’s a nice dialogue to have. You really feel the personal touch. Jscrambler’s customer support is definitely a big plus.”

Information Analyst and Product Owner Mobile at Top European Airline

Top Jscrambler Features

Full Visibility and Control

Form Fencing

PCI DSS Compliance

Results

With zero security incidents, increased efficiency, and peace of mind, Jscrambler has become an integral part of the airline’s strategy for maintaining the highest security standards in today’s evolving digital landscape. The client attests, “We sleep easier at night because we know that the people at Jscrambler are looking out for us and our clients.”