Security architecture

Our Consent Manager is carefully designed to protect its own internal state and regulation capabilities from other potentially malicious scripts running in the same environment. We employ the following techniques to ensure the security of our Consent Manager:

We use an extensive runtime reference caching & utility framework as the standard library through which all of our security-critical code is built. This library is completely resistant to all prototype pollution attacks, and dynamically adjusts for implementation differences between browsers to always provide the most secure level of abstraction available.

Other consent managers assume that third-party scripts will not attack JavaScript prototypes and internal references used at runtime.

We do not use any third-party dependencies in airgap.js or Transcend XDI as nothing else meets our strict security standards. Our JavaScript bundler (esbuild) injects some utilities to assist with transpilation.

We require a genuine user-initiated 'click' or 'submit' event or a trusted Transcend XDI consent sync to change consent after initialization. Other consent managers don’t secure their consent APIs with any user authorization safeguards at all.

While we use a reference cache & utility framework to secure against prototype pollution attacks, there are still some gaps introduced by our JavaScript bundler’s transpilation process.

In order to fill in these gaps, we employ active tamper resistance interventions that prevent third-party code from redefining some built-in JavaScript iterators and methods which are insecurely used by the utilities generated by our JavaScript bundler.

To disable our tamper resistance mode, add data-tamper-resist="off" to your airgap.js script tag.