Jscrambler, a leading security solution for JavaScript protection and real-time webpage monitoring, has released research findings on the top US and EU e-commerce websites which are under risk of data skimming attacks due to unprotected JavaScript running on the payment page.
Payment pages on websites are flooded with third party JavaScripts. Jscrambler found that 60% of analyzed websites in the US have more than 10 different vendors on their payment pages.
Unless these sites find a way to identify, monitor and control the behavior of these third-party scripts, the attack surface will remain vast and unchecked.
With British Airways recently falling victim to a £20m fine after the data of 400,000 customers was leaked through JavaScript vulnerability, these risks are not only costly for the customer, but pose a large financial burden on the business as well.
The external risk and high-value placed on e-commerce in users’ daily lives shows the vital importance in having visibility and control over the pages which enable payments.
You can read the research here.