PCI DSS 4.0 is out, and there are some key changes from version 3.2.1. Now, any business that accepts payments online must inventory, authorize, and justify all javascripts that load on payment pages (requirement 6.4.3) and deploy a mechanism to detect unauthorized modifications to the HTTP headers as received by the consumer’s browser (requirement 11.6.1).
And no one is exempt. Even merchants who leverage third-party payment service providers via iframe or redirect are in scope.
Join the LinkedIn Live session to learn what merchants and assessors should know about PCI DSS v4.0 6.4.3 and 11.6.1. Our panel of top PCI industry experts will: