PCI DSS Requirement 6.4.3

The Payment Card Industry (PCI) Data Security Standard (DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect payment account data. 

The next evolution of the standard is PCI DSS v4 which became mandatory on 1st April 2024 with new technical requirements that need to be implemented by 1st April 2025.

There are two requirements, 6.4.3 and 11.6.1, specifically designed to protect payment pages of websites that capture payment card data.

Identify and Protect

All payment page scripts that are loaded and executed in the consumer’s browser are managed as follows:

  • A method is implemented to confirm that each script is authorized.

  • A method is implemented to ensure the integrity of each script.

  • An inventory of all scripts is maintained with written justification as to why each is necessary.

How Jcrambler can help you

Prevent client-side attacks with Jscrambler’s security platform

Recommended to read next


PCI DSS Requirement 11.6.1

The new PCI DSS v4 standard requires e-commerce companies to employ measures to protect the payment pages on their websites against JavaScript skimming attacks.

2 min read

Read More