Jscrambler Introduces Solution Enhancements that Pave the Way to 1-Day PCI DSS Compliance
December 11th, 2024 | By Jscrambler
PORTO, Portugal
Jscrambler, the pioneering client-side protection platform, announced enhancements to its PCI DSS Solution today. By adding advanced payment page script controls and ease of management to its existing market-leading capabilities, Jscrambler makes it fast and easy for merchants to securely and cost-effectively achieve PCI DSS compliance with requirements 6.4.3 and 11.6.1 before the March 31, 2025 deadline.
1-Day PCI DSS Compliance
Jscrambler’s new and existing PCI DSS capabilities remove obstacles to complying with PCI DSS requirements 6.4.3 and 11.6.1. These requirements are designed to protect against and detect web skimming attacks on payment pages, which are critical to generating revenue for merchants who may be struggling to mitigate these types of threats.
According to Jscrambler’s report, “The Perils of Third-Party Tags: Examining the Client-Side Security Risks and Compliance Challenges of JavaScript,” only 36% of respondents' companies have policies and tools to prevent data skimming. With the launch of these new operationally focused and easy-to-manage payment page script controls, Jscrambler becomes the go-to vendor for merchants looking to achieve compliance and ultimately gain protection from skimming threats.
Interested businesses need only to provide a payment page URL. Jscrambler will then assess the page, deploy continuous monitoring, deliver a detailed vendor and header inventory, and provide a compliance report within hours. Specific new features that enable this accelerated assessment include:
Bulk Script Approvals: Scale a large volume of script approvals, which reduces the time required to approve scripts across multiple payment pages.
Automated Workflow Integrations: Seamless Security Information and Event Management (SIEM), email, Slack, and Jira integrations, which deliver real-time alerting, streamlined workflows, and an optimal team experience.
Updated Compliance-Ready Reporting: Detailed minute-ready assessment reports that track all vendors, scripts, and authorizations to simplify the assessment process for Qualified Security Assessors (QSA).
“For businesses accepting, storing, transmitting, or processing payment card data, the clock is ticking on a critical compliance deadline they cannot afford to miss. Achieving compliance is vital to their long-term success, and businesses must act now by securing every payment page, detecting unauthorized modifications, and protecting sensitive customer data,” said Rui Ribeiro, CEO and co-founder of Jscrambler.
“With our enhanced PCI DSS solution, merchants gain the levels of compliance needed to eliminate potential penalties, combat digital skimming threats, create a safer environment for handling payment transactions, and ultimately gain the trust and resilience needed in today’s increasingly complex digital landscape, all in a single day.”
These latest capabilities add to Jscrambler’s existing market-leading solution, which includes:
Flexible Hybrid Architecture: This architecture enables agentless or agent-based deployment across each payment page. All data is unified within a centralized data ontology that can be accessed through a single dashboard. There’s no lock-in, as businesses accelerate deployment and can flex methods per page as risk changes.
Advanced Skimming Detection & Analysis: Advanced static code analysis can identify threats from skimming attacks. By examining web scripts for signs like obfuscation, stealth tactics, and sensitive data access, Jscrambler delivers a thorough assessment to detect and prevent skimming activity on a merchant’s website.
Skimming Prevention & Behavior Blocking: Granular script control prevents unauthorized script behaviors from accessing sensitive information while maintaining full functionality.
Delegated Compliance: Jscrambler experts manage the script authorization workflows on behalf of clients to reduce the need for additional in-house resources. The service is comprised of three main parts: script management and justification, policy and procedures management, and annual assessment/SAQ guidance. Jscrambler offers unparalleled flexibility, allowing merchants to customize and select only the Delegated Compliance components needed to meet their goals.
In addition to the solution, Jscrambler offers customers an experienced team of PCI DSS experts, including CTO Pedro Fortuna, Security Advisor John Elliott, and Security Solutions Advisor Gareth Bowker. These experts not only work in close collaboration with the Payment Card Industry Security Standards Council (PCI SSC), they also possess a deep understanding of the requirements and experience in helping businesses achieve compliance.
To gain more insight into operationalizing workflow authorization for requirements 6.4.3 and 11.6.1 and how to prepare yourself to best expedite compliance, join Jscrambler’s upcoming December 17th, 11am ET webinar, “How to Overcome Operational Challenges Implementing PCI DSS Requirements 6.4.3 and 11.6.1”. Moderated by Jscrambler Pre-Sales Director Jeffrey Cleveland, the panel will feature PCI DSS experts, including John Elliott and Gareth Bowker, who will discuss operationalizing script management and adopting a policy to streamline compliance.
About Jscrambler
Jscrambler is the leader in Client-Side Protection and Compliance. Jscrambler is the first to merge advanced polymorphic JavaScript obfuscation with fine-grained third-party tag protection in a unified Client-Side Protection and Compliance Platform.
Jscrambler’s integrated solution ensures a robust defense against current and emerging client-side cyber threats, data leaks, misconfigurations, and IP theft, empowering software development and digital teams to securely innovate online with JavaScript. Jscrambler’s Code Integrity product safeguards first-party JavaScript through state-of-the-art obfuscation and exclusive runtime protection. Jscrambler’s Webpage Integrity product mitigates threats and risks posed by third-party tags, all while ensuring compliance with the new version 4 of PCI DSS.
With Jscrambler, businesses adopt a unified, future-proof client-side security policy, all while achieving compliance with emerging security standards. Jscrambler serves a diverse range of customers, including top Fortune 500 companies, online retailers, airlines, media outlets, and financial services firms whose success depends on safely engaging with their customers online.