After a year of lockdowns, quarantines, and social distancing companies and consumers alike have embraced online business like never before. According to Digital Commerce 360, US eCommerce saw a 44% growth in 2020 (US Ecommerce Report) and a current Longwoods International report shows that 87% of American travelers have travel plans in the next 6 months (Longwoods Intl Report).
After a 45% decrease in total travel spending in 2020, the U.S. Travel Association predicts a return to pre COVID numbers by 2024 (Travel Forecast Fall 2020) and after the May 1st vaccine goal set by the current administration, over half of respondents in a Harris Poll survey say we will “return to normal” this summer (Harris Poll). With the CDC recently lifting some mask mandates those 60% of respondents look to be in the right about our “normal” returning.
- 339 Total Scripts
- 122 Total Unique Scripts
- 34 Scripts per site – average
Of those total scripts we found:
- 33 Unique Marketing Services
- 22 Unique Analytics Services
- 16 Unique Advertising Services
- 8 Unique Social Media Services
When comparing those numbers to the Source Defense platform as a whole we find:
- 180mil violations recorded by Social Media Scripts
- 94mil violations recorded by Analytics Scripts
- 17mil violations recorded by Advertising Scripts
- 4.7mil violations recorded by Marketing Scripts
(measured using top 10 scripts over 14 days and 114.83mil page views)
It is important to note that violations do not mean attacks. Many of these violations, as we discussed in our Data Leakage Blog, relate to eavesdropping on data entered into fields. The eavesdropping is not malicious per se, but can be in violation of data privacy regulations in some states and is therefore blocked by the Source Defense platform.
What is interesting about these numbers is the low volume of Social Media services being used compared to the high number of violations we see out of those same services. At around 1.5 violations per page view, Social Media services are still the biggest violator we see in our platform. These violation numbers conform to what is known about these companies. Social Media companies are more data warehouses than wall posts and like buttons. Gathering that data, through legitimate means or through access not explicitly denied, is part of their identity.
If we contrast Social Media services with Marketing services we see that 10% of scripts are made up by Marketing services but only 1.3% of violations recorded in the Source Defense Platform come from Marketing sources. The rampant data hoarding seen in Social Media companies is not present in many of the Marketing services monitored by the Source Defense Platform.
PCI DSS 4.0 makes client-side security a priority.
Source Defense delivers a solution for 6.4.3 and 11.6.1 without adding a burden to your security teams.