A shield that protects the servers from Man-in-the-Middle attack and Man-in-the-Browser vulnerabilities
Codesealer Company

We’ve built the solutions
to protect your business.

Codesealer have been part of a sector solution for over 5 years, today processing more than 30 million transactions per day invisibly defending customers from today’s crippling browser security threats.

We work to eliminate Man-in-the-Middle attack and Man-in-the-Browser vulnerabilities.

Recognized in Gartner Inc. “Financial Fraud Detection Strategy” for our User Interface Protection

Our solutions don’t need installation of any agent on client computers! 

Why Codesealer

Cyber threats

Research suggesting that at least 10% of all cyber-attacks are focused in the area of Man-in-the-Middle attack and Man-in-the-Browser and MITB, current estimates have found that already 20% of organisations have taken action to protect themselves.

Codesealer prevent all of top financial trojans

by preventing vector of attack

A diagram, that shows the use of the different financial trojans. 51.1% Ramnit, 16.5% Emotet, 14% Zbot, 8.8% Cridex, 6.5% Trickybot, 2.4% others
The average global cost of cyber crime increased by over 27 percent in 2017.

Accenture

The average cost per lost or stolen records per individual is $141 — but that cost varies per country. Breaches are most expensive in the United States ($225) and Canada ($190).

Ponemon Institute’s 2017 Cost of Data Breach Study

The financial services industry takes in the highest cost from cyber crime at an average of $18.3m per company surveyed.

Accenture

Trojan horse virus Ramnit largely affected the financial sector in 2017, accounting for 53 percent of attacks.

Cisco

Malware and web-based attacks are the two most costly attack types — companies spent an average of US $2.4 million in defense.

Accenture

Be part of the 20% taking care of customers. Find out how to safeguard your customer trust.

CODESEALER SOLUTIONS

Web Session Firewall

Ready to use, easy to implement solution to protect your client’s web session. Codesealer WSF uses end to end encryption and emulate website in your client browser.

Illustration of how Codesealers WSF workd
  • When deployed at your existing infrastructure all users will be immediately protected.
  • Installed behind the Firewall and the Load Balancer is completely transparent for your web server and your application layer
  • WSF secures HTTP traffic using an additional layer inside the client.
  • WSF monitors changes to the DOM and prevents illegal modification performed by sources other than WSF.
  • WSF provides an extra layer of encryption as well as session keys to protect the session.
  • URL’s are encrypted making it significantly more difficult to redirect the user. If the redirect is performed modifying data in the DOM it is protected.
  • WSF protects, hides and monitor the cookies.
Use case

Financial (Bank & Insurance)

Malware focused on intercepting bank users’ data or redirecting transactions appears very often and evolved very quickly. In addition, bank clients very often do not follow basic security rules and log in from untrusted devices or do not use anti-viruses.

Illustration of how financial trojans like Emotet, Zbot and so on works, if there is no protection

How to keep protected against malware?

Meeting customers and working against the consequences of their mistakes or simply the effects of unfortunate coincidences, which then affect the opinion of a financial institution are the safest solutions. This will prevent unwanted consequences and will have a positive impact on the clients’ trust in the bank.

It is possible to protect key sites from attack vectors, using complex cryptographic systems that are not visible by website users.

Codesealer solution

The WSF Codesealer, securing the user session, makes it impossible to substitute elements of the page, making the malware blind, thus redirecting eg. a bank transfer to the attacker’s account is impossible to do. Attempts of any such attacks are automatically detected and displayed as an alert in the monitoring tool. It is also possible to set different actions in case of detecting malicious activity.

Currently, the Codesealer solution secures over 30 million transactions in the financial sector daily in Denmark alone.

Illustration of how financial trojans like Emotet, Zbot and so on works, if Codesealers protection is used
CODESEALER SOLUTIONS

Bootloader

Bootloader – Secure content delivery system in JavaScript uses its own protocols and encryption engine to deliver, verify and execute intact JavaScript code on potentially dangerous and untrusted platforms. Bootloader can be the core part of other systems.

Illustration of how CodeSealers Bootload works
  • The integrated and dynamic Bootloader creates a secure session between WSF 4 Server and WSF 4 Client
  • The Bootloader ensures that the WSF 4 session is encrypted and secured by using unique session keys
  • Performs a specific verification of the runtime environment
  • When the Bootloader passes control to the loaded code, we are sure that it has not been modified in any way and that everything is ready for safe launch
FAQS

Frequently Asked Questions

Need more information about the most frequently asked questions? Read below. If you have any other questions, please get in touch using the contact form.

For who?

Codesealer WSF is a complex solution for everyone who want to protect their clients. Especially for financial companies, everywhere where fragile and important data is processed, everywhere where your client need to pay for services. If there is any risk of phishing, Man-in-the-Middle attack and Man-in-the-Browser Codesealer WSF can protect against attacks.

How does it work? WSF Server.

The WSF server acts as an advanced and secure HTTP proxy. Towards the web application servers, the WSF Server looks like your run-of-the-mill HTTP proxy, making regular HTTP requests as you would expect. On the outside, however, the WSF. Server communicates using the proprietary and secure WSF. and Bootloader protocols. The server also includes our obfuscation engine as well as our forensic report management and administration interface.

How does it work? WSF Client.

The WSF client is responsible for handling the protocols, page sandbox, cookies, DOM tree validation, forensic report generation and much more. WSF Client, together with the Bootloader and WSF Server, is what allows us to provide a unique end-to-end security solution.

For who?

Bootloader solution can be part of external solution that need highly secure transmission. For every kind of financial software where you need to transmit data in more secure way than normal encryption.

How does it work?

The Bootloader, our secure JavaScript payload delivery system, uses our proprietary obfuscation engine and protocols to deliver, verify and execute an untampered piece of JavaScript to an otherwise untrustworthy platform. Apart from multiple layers of payload encryption and integrity verification the Bootloader also performs some environment validation.

How the implementation works?

Implementation depends on the service provided to secure. Each installation is performed individually. Implementation consist in system configuration performed by a professional administrator.

How long does implementation take?

Implementation takes from 2 to 4 weeks.

Can I try it for free?

Solutions provided by Codesealer can be tried in the form of PoC. The terms of PoC are determined in separate agreement.

How can I order WSF or Bootloader?

You can use contact form placed on the bottom of the site and we reach you as soon as possible.

Do I have to install the agent on user's computers?

Solutions provided by Codesealer do not require installing the software on user's computers.

Price list - what is the cost and how is the subscription calculated?

Prices are set individually after contacting with sales department.

What is the cost of maintenance?

Solution requires technical support only in the case of profound changes in protected service. Cost of the technical support is set individually.

What happens in case of breakdowns?

Technical support team consisting qualified administrators and programmers watches over 24 hours 7 days a week.

CONTACT

Get In Touch

Any question? Reach out to us and we’ll get back to you shortly.

    • emailinfo@codesealer.com
    • addressCodeSealer APS, CVR 3922 8920
    • addressNaesseslottet, Dronninggårds Alle 136, 2840 Holte, Denmark