PCI DSS Requirement 6.4.3
The Payment Card Industry (PCI) Data Security Standard (DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect payment account data.
The next evolution of the standard is PCI DSS v4 which became mandatory on 1st April 2024 with new technical requirements that need to be implemented by 1st April 2025.
There are two requirements, 6.4.3 and 11.6.1, specifically designed to protect payment pages of websites that capture payment card data.
Identify and Protect
All payment page scripts that are loaded and executed in the consumer’s browser are managed as follows:
A method is implemented to confirm that each script is authorized.
A method is implemented to ensure the integrity of each script.
An inventory of all scripts is maintained with written justification as to why each is necessary.
How Jcrambler can help you
Prevent client-side attacks with Jscrambler’s security platform
Recommended to read next
PCI DSS Requirement 11.6.1
The new PCI DSS v4 standard requires e-commerce companies to employ measures to protect the payment pages on their websites against JavaScript skimming attacks.
2 min read
Read MoreApplication Shielding
This article wants to explore the concept of application shielding, its key components, and its significance in the broader context of web security.
6 min read
Read More