ENSURESEC · Project

AI-Powered Security Toolkit Protecting E-Commerce from Cyber and Physical Attacks

digitalPilotedTRL 7

Imagine you run an online shop and someone tampers with your website, intercepts payments, or even messes with your delivery trucks — all at once. ENSURESEC built a set of tools that act like a security guard for the entire online shopping chain, from the moment a customer clicks "buy" to when the package arrives at their door. It uses AI to spot suspicious behavior in real time and blockchain-style technology to make sure no one secretly changes transaction records. Think of it as a burglar alarm, fraud detector, and trust certificate rolled into one open-source toolkit.

By the numbers

consortium partners across the project

countries represented in the consortium

SMEs involved as partners

61%

industry ratio among consortium partners

total deliverables produced

demonstrated tool components

industry partners in the consortium

The business problem

What needed solving

E-commerce platforms face a growing wave of cyber and physical attacks — from website tampering and payment fraud to delivery chain manipulation and insider threats. Most security solutions cover only one piece of the puzzle, leaving gaps between the online storefront, the payment system, and the physical delivery network. Companies need end-to-end protection that covers the entire purchase-to-delivery chain, not just isolated security patches.

The solution

What was built

The project delivered 8 demonstrated security tools: an AI-based incident detector, a behavioral monitor for runtime security enforcement, a communication monitor for network trustworthiness, a risk and resilience analysis tool, a policy compliance monitor, a threat intelligence tool covering human, cyber and physical threats, an information-sharing platform, and a methodology for assessing cascading effects across organizational ecosystems. In total, 50 deliverables were produced.

Audience

Who needs this

E-commerce platform operators facing rising cyber threatsParcel delivery and logistics companies with connected tracking systemsPayment service providers and fintech companies handling online transactionsCritical infrastructure operators running networked software systemsSMEs selling online who lack dedicated cybersecurity teams

Business applications

Who can put this to work

E-Commerce & Online Retail

any

Target: Online retailers and marketplace operators

If you are an e-commerce platform dealing with rising cyber threats, payment fraud, and delivery chain vulnerabilities — this project developed an AI-based incident detector and behavioral monitor that catch attacks in real time across your web applications, payment systems, and logistics. With 8 demo tools covering everything from threat intelligence to policy compliance, the toolkit was designed to protect the full purchase-to-delivery chain.

Logistics & Parcel Delivery

mid-size

Target: Delivery service providers and postal operators

If you are a delivery company dealing with insider fraud, package tampering, or disruptions to your tracking infrastructure — this project built a communication monitor and risk-and-resilience analysis tool that detect when your networks or physical sensors are compromised. The cascading-effects methodology helps you understand how one breach in your system can ripple across the entire delivery ecosystem.

Financial Services & Payments

enterprise

Target: Payment processors and fintech companies

If you are a payment service provider worried about transaction manipulation and compliance violations — this project delivered a policy monitor that checks applications against regulatory directives in real time, plus distributed ledger technology ensuring transaction records cannot be secretly altered. The behavioral monitor catches abnormal API activity before it becomes a breach.

Frequently asked

Quick answers

What would it cost to adopt these security tools?

The ENSURESEC toolkit is described as open-source, which means the core software components should be available without licensing fees. Integration, customization, and deployment costs would depend on your infrastructure size and complexity. Contact the consortium for specific pricing on support or advanced features.

Can these tools handle the scale of a major e-commerce platform?

The project was designed to protect the Digital Single Market's e-commerce ecosystem, which implies large-scale operations. The toolkit addresses both virtual and physical product delivery chains. Based on available project data, the tools were built with distributed architecture in mind, but specific throughput benchmarks are not published in the project description.

Who owns the intellectual property and how is it licensed?

The project describes the toolkit as open-source. IP is typically shared among the 23 consortium partners under Horizon 2020 rules. For commercial licensing of specific components, contact the coordinator INOV in Portugal or the individual tool developers within the consortium.

Does this meet current EU cybersecurity regulations?

The project includes a dedicated policy monitor component that ensures applications do not violate any policy or directive. It was developed under the EU's critical infrastructure protection topic (SU-INFRA01), aligning with EU digital security priorities. Specific NIS2 or DORA compliance would need to be verified with the consortium.

How long would integration take?

The project ran for 24 months (2020-2022) and produced 50 deliverables including 8 demonstrated tool components. Based on available project data, individual tools like the AI-based incident detector or behavioral monitor could potentially be integrated independently. Full ecosystem deployment would require planning around your existing security infrastructure.

Can the tools work with our existing security systems?

ENSURESEC was designed around common software and physical sensor interfaces along the e-commerce ecosystem. The project explicitly focuses on integration across payment, delivery, and web application layers. The information-sharing component also supports secure channel communication with external systems.

Is there ongoing support after the project ended?

The project closed in May 2022. Ongoing maintenance depends on whether individual partners commercialized their components. The project website ensuresec.eu may have current status. With 14 industry partners in the consortium, several are likely offering commercial versions of their tools.

Consortium

Who built it

ENSURESEC assembled a strong, industry-heavy consortium of 23 partners from 14 countries, with 61% coming from industry — well above the typical Horizon 2020 average. The 8 SME partners bring agility and niche expertise, while 14 industry players signal that these tools were built with real commercial environments in mind, not just lab conditions. The coordinator, INOV (Portugal), is a well-known systems engineering research institute with strong industry ties. The geographic spread across 14 countries — including major e-commerce markets like Germany, France, Spain, and the UK — suggests the tools were tested against diverse regulatory and market conditions. With only 2 universities out of 23 partners, this is clearly an execution-focused consortium rather than a research-heavy one.

INOV INSTITUTO DE ENGENHARIA DE SISTEMAS E COMPUTADORES INOVACAOCoordinator · PT
CYBER RANGES LTDparticipant · CY
IOTA STIFTUNGparticipant · DE
CAIXABANK SAparticipant · ES
COMMISSARIAT A L ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVESparticipant · FR
MC SHARED SERVICES SAparticipant · PT
SOFTWARE IMAGINATION AND VISION SRLparticipant · RO
UNIVERSITY OF GREENWICHparticipant · UK
ATOS SPAIN SAparticipant · ES
ABI LAB-CENTRO DI RICERCA E INNOVAZIONE PER LA BANCAparticipant · IT
LIETUVOS KIBERNETINIU NUSIKALTIMU KOMPETENCIJU IR TYRIMU CENTRASparticipant · LT
SEARCH-LAB BIZTONSAGI ERTEKELO ELEMZO ES KUTATO LABORATORIUM KORLATOLTFELELOSSEGU TARSASAGparticipant · HU
RELATIONAL ROMANIA SRLparticipant · RO
IOTAM INTERNET OF THINGS APPLICATIONS AND MULTI LAYER DEVELOPMENT LTDparticipant · CY
ITTI SP ZOOparticipant · PL
ENGINEERING - INGEGNERIA INFORMATICA SPAparticipant · IT
ATOS IT SOLUTIONS AND SERVICES IBERIA SLthirdparty · ES
KATHOLIEKE UNIVERSITEIT LEUVENparticipant · BE
EREVNITIKO PANEPISTIMIAKO INSTITOUTO SYSTIMATON EPIKOINONION KAI YPOLOGISTONparticipant · EL

How to reach the team

INOV Instituto de Engenharia de Sistemas e Computadores Inovacao, Portugal — a research and innovation institute with strong industry partnerships

Order a report on this consortium See INOV INSTITUTO DE ENGENHARIA DE SISTEMAS E COMPUTADORES INOVACAO profile →

Next steps

Talk to the team behind this work.

Want to connect with the ENSURESEC team to explore adopting their e-commerce security toolkit? SciTransfer can arrange a direct introduction to the right technical contact within the consortium.

Order a report on this topic More in Digital & ICT