PCI DSS Requirement 6.4.3
The Payment Card Industry (PCI) Data Security Standard (DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect payment account data.
PCI DSS v4.0.1 is the current version of the standard. While general adoption was required by April 1, 2024, the new technical requirements took full effect on April 1, 2025.
This includes Requirements 6.4.3 and 11.6.1, which are designed to protect payment web pages that capture account data.
PCI DSS Requirement 6.4.3
All payment page scripts that are loaded and executed in the consumer’s browser are managed as follows:
Authorization
A method is implemented to confirm that each script is authorized.
Integrity
A method is implemented to ensure the integrity of each script.
Inventory & Justification
An inventory of all scripts is maintained, with a written justification for why each is necessary.
How Jcrambler can help you
Prevent client-side attacks with Jscrambler’s security platform
Recommended to read next
Tamper-Resistant Code
Software code is increasingly targeted by cybercriminals who insert malicious code to bypass security measures, steal data, or disrupt operations. Such tampering can cause major harm, including...
4 min read
Read MoreData Classification
Not all data is created equal. Without appropriate levels of protection tailored to the sensitivity and importance of each type of data, cybersecurity and compliance risks increase, costs spiral,...
4 min read
Read More