Porto-based Jscrambler, a cybersecurity startup focused on client-side protection, today announced the completion of a €5 million investment round subscribed to exclusively by Iberis Capital, in order to prevent digital skimming attacks on websites that capture payment card data.
This latest investment builds upon a previous €14.4 million Series A funding round led by Ace Capital Partners with participation from Sonae IM and Portugal Ventures, which also led the company’s initial Seed round.
“Merchants accepting payments face escalating threats like digital skimming, yet many lack the client-side protection tools that are vital to securing customer cardholder data,” said Rui Ribeiro, CEO and Co-founder of Jscrambler. “With the PCI compliance deadline rapidly approaching, the urgency for effective client-side protection solutions has never been greater. This funding round from Iberis Capital will enable us to address this immediate pressing need while accelerating our investments in innovation and research to ensure our clients are always prepared for the challenges of tomorrow.”
Founded in 2014 by Pedro Fortuna and Rui Ribeiro, Jscrambler is an innovator in Client-Side Protection and Compliance. According to Jscrambler, they are the first to merge advanced polymorphic JavaScript obfuscation with fine-grained third-party tag protection in a unified Client-Side Protection and Compliance Platform.
Jscrambler’s integrated solution aims to ensure a robust defense against current and emerging client-side cyber threats, data leaks, misconfigurations, and IP theft, empowering software development and digital teams to innovate securely online with JavaScript. Their Code Integrity product safeguards first-party JavaScript through obfuscation and exclusive runtime protection. Their Webpage Integrity product mitigates threats and risks posed by third-party tags, all while ensuring compliance with the new version 4 of PCI DSS.
With Jscrambler, businesses adopt a unified, future-proof client-side security policy, while achieving compliance with emerging security standards. The company serves a diverse range of customers, including top Fortune 500 companies, online retailers, airlines, media outlets, and financial services firms whose success depends on safely engaging with their customers online.
According to Jscrambler, despite the continued growth in client-side threats, many businesses continue to lack the tools needed to keep user data safe. According to the 2024 Jscrambler report, only 36% of respondents’ companies have policies and tools to prevent data skimming.
Now, with this latest investment, Jscrambler will further accelerate its efforts to help companies securely and cost-effectively achieve PCI DSS v4 compliance ahead of the March 31, 2025 deadline.
PCI DSS v4 requirements 6.4.3 and 11.6.1, are designed to prevent digital skimming attacks on websites that capture payment card data. In addition to PCI compliance, this round of funding will also support Jscrambler’s commitment to ongoing research and solution innovation.
João Henriques, Partner at Iberis Capital, stated: “Jscrambler delivers a world-leading technological solution that empowers businesses to protect their websites, meeting the increasing demand for robust digital security. Supported by a leadership team with extensive industry knowledge, Jscrambler is uniquely positioned to lead in client-side security. Iberis is proud to be part of Jscrambler’s journey toward success.”
By enabling organisations to monitor and safeguard their front-end JavaScript code in real-time, Jscrambler is designed to make client-side security easier to implement, scalable, and focused on threat prevention.