Lock down your
E-commerce represents a growing share of the retail market, and many online retailers find that mobile sales represent the majority of their total e-commerce. Losing customer payment data and other personal information through these transactions can cost a retailer millions of dollars in fines, IT costs, and lost business.
Stop credit card and data theft.
Criminals around the world use automation to find and attack vulnerable sites, preferably e-commerce sites with shopping carts. Skimming and form-jacking are ways of stealing a customer’s credit-card data as the customer is entering it. Newegg and Ticketmaster are among the many online retailers who have lost customer information to such an attack.
Barracuda application security solutions can protect your customers and website from these attacks with automatic vulnerability scanning and remediation. Barracuda Advanced Threat Protection and a variety of integrated scanners protect your business from new and old vulnerabilities.
Simplify security for apps and APIs.
Retailers offering a mobile app for purchases and other services are exposing their businesses to new types of attacks. The National Retail Federation reports that mobile purchases account for nearly half of online sales. The Verizon Mobile Security Index found that 31% of retailers were victims of mobile compromise, and 70% of them were notified by a customer, partner, or law enforcement. 27% of these compromises had lasting damage. When fitness application MyFitnessPal was compromised, parent company Under Armour suffered a 3.8 percent drop in shares.
Mobile application and API security are simplified with Barracuda. Our network and application security solutions protect your business from rogue and insecure applications that cause downtime, lost data, or network intrusion.
Keep hackers out of customer accounts.
Loyalty and gift card accounts bring big paydays for hackers. A common scam uses automated attacks against an account login page to guess customer credentials. These bots hammer away at a website until they find a way in, or you find a way to stop them. These attacks were used successfully against Macy’s and Bloomingdale’s in 2018.
Barracuda application security protects e-commerce sites from brute-force attacks and credential-stuffing by limiting the number of login attempts in a given time window. When the limit is reached, the attack is thwarted with a captcha or simply blocked for a period of time.
Keep your links under wraps.
Many e-commerce sites use URLs that are not meant for public access. A customer number appended to a URL may provide a link meant for that customer only — not for anyone else. Companies can’t rely on obscurity to secure this type of URL. They must use access restrictions to prevent unauthorized users from accessing the content. Panera Bread learned this lesson the hard way by failing to restrict access to customer account pages. The company’s website appended sequential user ID numbers to URLs, making the address of a user page easy to predict.
Barracuda application security defends against all of the most common and most dangerous application security attacks, including the OWASP-listed attacks such as failure to restrict URL access, SQL injection, and more.
Secure your e-commerce operations, everywhere.
Barracuda’s application security solutions offer a perfect way for retailers to keep e-commerce websites, applications and customers protected from cyber attack.
Protect your business today.
Contact us to discuss your retail security needs or to arrange a demonstration or free trial of any Barracuda product.