Protecting Your Online Food and Grocery Business

We speak with PerimeterX expert Deepak Patel on food and grocery websites and apps, and how to protect user data from the latest cyberthreats.

With much of the world currently staying at home, the online sector of the food and grocery industry is booming. And with surges in traffic comes increased risk. PerimeterX cybersecurity evangelist Deepak Patel recently spoke on preparedness against prevalent cyberattacks and how digital businesses can grow their platforms with protective measures in mind. Listen to the corresponding PerimeterX podcast here.

PerimeterX has found that account takeover (ATO) attacks and Magecart attacks are often the most common types of attacks on the food and grocery delivery industry. Why these attacks and not others?

Deepak: If you take a step back, food and grocery delivery applications are just like any other e-commerce application, and they have the same challenges. You have a large set of consumers that are on your application that are providing their usernames and passwords to interact with your application. At the same time, they’re also providing payment information for commerce that’s happening on the app itself. So the same kind of attacks that happen on e-commerce sites—like ATO—apply here. I would essentially consider food and grocery apps as a subset of the e-commerce space. The case is similar with Magecart attacks. As a food delivery company, you’re focused on providing a customized, personalized experience for your user. So there’s a tendency to bring in third-party plugins to achieve that—opening you up to Magecart vulnerabilities.

These days, while sheltering at home during a pandemic, we’re all behaving a little differently when it comes to food. PerimeterX recently published an analysis of web traffic that presented some revealing stats. From mid-January to mid-March, this segment experienced a 41% increase in traffic. Since March 1, the industry’s (Read more...)

*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at: