Nowadays protecting our work and digital rights is not an easy task.

With the amount of information that circulates the internet, it becomes impossible to keep your data from falling into the wrong hands. If you work with HTML5, JavaScript, Apps or Web Gaming you understand what we mean.  So, this question is for you: how do you protect your JavaScript applications?

Jscrambler must be your answer. Don’t know what we’re talking about? Don’t worry, Pedro Fortuna (CTO of Jscrambler) explains.


Helppier: What is Jscrambler?

Pedro Fortuna: Jscrambler is a platform that allows you to make sure JavaScript-based applications are executed the way they were designed to be, by authorized users only and in strict compliance with its software license. It tamper-proofs your application and provides you with real-time alerts when someone is tampering with the code or executing it in a way that was not how you intended.


H: In 2010 Jscrambler launched the first version of the main product that offered a code protection solution. What moved you to create this company?

PF: We had the need. We were working on a solution to fight click-fraud in advertising campaigns. Our team had a lot of sensitive code running on the browser that could not be messed with or the results could be compromised so there were already some JavaScript obfuscation tools available but the few that were focused on code protection were far too easy to defeat. We decided to develop our own protection in-house and later on, we decided to release it commercially and we ended up pivoting to do Jscrambler.

H: You worked in a second version for two years, not only code protection was improved but also the creation of specific protections to different applications. Can you tell us which ones are able to use Jscrambler?

PF: Basically anything that has JavaScript in it, really. Client-side JavaScript, from simple jQuery-based applications to full-blown Single-Page Applications in React.js or Angular.js; Server-side JavaScript in Node.js; HTML5 or Hybrid Mobile Applications; Desktop Applications developed in Node Webkit; Browser Plugins; WinJS applications; JavaScript inside PDF files, etc. You have JavaScript running in all sorts of devices, like Smart TVs, Cars, Fridges, IoT devices, etc.

H: How do you announce new features and show users how to use them?

PF: When we roll out new versions of our service, we always publish information about the new features on our website and in our blog. Sometimes we also publish tutorials and tips about specific features.

H: How do you onboard new users?

PF: We have a trial period where users can experiment with the product before deciding to subscribe it.

H: In your website you have a Customer Testimonials area where people can talk about your service. For that reason, we can tell that your company attends to the customer’s needs very fast. Can you explain what changed in your support area since Jscrambler was a start up?

PF: We always felt that support is one of the keys, if not the most important one to our success. (Click to tweet) Jscrambler offer a complex product in an area such as security which is very noisy and full of misconceptions. The support channel allows us to have a relationship with our users and help them get the most out of our product.

H: How many elements do you have in your support team now? What are the main difficulties?

PF: We have 4 persons doing support. The main difficulties are related to market education so our support team must be very technical.

H: In 2013 you launched the third version, are you actually working on a new one? If yes, what will be the main differences?

PF: Yes. We’ll release 4.0 in Q2 this year. The new version will shift the focus from IP protection to full-blown Application Integrity protection. That is, to make sure that the application is executed the way it was designed to be, without interference from tampering incidents. Our code transformation was greatly improved and is much more polymorphic than ever. Applications are able to defend using passive (polymorphism, obfuscation) and active defenses (anti-tampering, anti-debugging, code traps). New code transformations that target the application control flow will be introduced that makes analyzing the code extremely complex.

H: Today Jscrambler is used in hundreds of countries and was mentioned on major international press such as TechCrunch and Huffington Post, are you aware of the number? How much JavaScript code has Jscrambler been protecting?

PF: Yes, we even publish that on our front page. Right now we are being used in 145 countries. We have so far protected around 540 million lines of JavaScript code.

H: Let’s talk about differentiation. What sets the company apart in the market? Why do consumers choose your product over the competition?

PF: Jscrambler been developing the leading protection solution in the market for the last five years. We are chosen because no one has as much experience in protecting JavaScript code as we do and other products you find in the market do not actually protect your code. Fortunately, people recognize this and seek us.

H: What do you expect to achieve in the future?

PF: Continue making people aware that applications are the weakest link in security and that we need to keep pushing for better protection. People need to stop ignoring the risks they are taking when they deploy unprotected code.

Header photography by Lu-Hai Liang

Leave a Reply