We are thrilled to announce the release of new PCI DSS 4.0 capabilities for HUMAN Client-side Defense. The new functionality makes it even easier for online merchants and payment service providers to protect their payment pages and manage their browser scripts in compliance with requirements 6.4.3 and 11.6.1 of PCI DSS 4.0 (learn more about PCI DSS requirements).
The new requirements become mandatory on March 31, 2025 and apply to all organizations that accept card payments on their websites. It is important to note that online merchants, even if they outsource all storage, processing and transmission of account data to payment service providers, must adhere to the requirements.
What are the new requirements?
Two of the changes in version 4.0 revolve around payment page scripts and HTTP headers.
PCI DSS 4.0 requirement 6.4.3 states that payment page scripts are managed as follows:
Requirement 11.6.1 states that:
Review the full list of requirements at the PCI SSC website.
Simplify Payment Page Protection with HUMAN in Compliance with PCI DSS 4.0
With a single line of code, HUMAN helps organizations painlessly achieve and maintain compliance with browser script requirements by auto-inventorying scripts, capturing authorization and justification, and monitoring scripts and headers for behavioral integrity and indications of compromise:
Discover PCI DSS Compliance with HUMAN
HUMAN is here to help you solve your PCI DSS compliance and client-side challenges. If you’d like to learn more, read about our PCI capabilities, try the online simulation or request a demonstration.
