Payment Card Industry Data Security Standard

PCI DSS v4.0 6.4.3 and 11.6.1 Resources

In March 2022, the Payment Card Industry Security Standards Council released a revised version of its Data Security Standard, commonly known as PCI DSS v4.0. In this revised version are two new sections, 6.4.3 and 11.6.1 which offer guidance regarding 3rd, 4th, and nth party JavaScript running on your websites.

The articles, video and downloadable guide below are for anybody in the PCI DSS industry who focus on PCI DSS security and compliance and can be used as a resource for Qualified Security Assessors (QSA) who want to learn more about staying PCI compliant.

PCI DSS 4.0 Deadline Countdown

Days
Hours
Minutes
Seconds
The deadline has passed, but we can still help you become compliant NOW!

Resources to Help You Become PCI DSS 4.0 Compliant

Schedule a Team Education Session

FREE training for your entire project team on the eSkimming requirements in PCI DSS 4.0 requirements 6.4.3 and 11.6.1.
[FLIP]

Sign-up Today!

You’ve got questions – we’ve got answers! Let us help you get your entire team up to speed on all things 6.4.3 and 11.6.1
Sign Up

Download Your 90 Day Action Plan

There are more than 50 new requirements in PCI DSS 4.0. That’s a lot to worry about and a lot to get ready for.
[FLIP]

Watch the Webinar, Download the Plan

Get a full understanding of scope; learn the pitfalls of “DIY” and get an immediate assessment.
Get the Action Plan

CoalFire Provides PCI DSS Guidance

Read the guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.
[FLIP]

Download the Whitepaper

CoalFire chimes in with background on the problem, guidance on scope, and advice on how to secure card data.
Get the Whitepaper

FREE PCI 4.0 Dashboard

Sign-up and get access to the fastest and easiest way to get moving on PCI DSS 4.0 requirements 6.4.3 and 11.6.1,
[FLIP]

REGISTER TODAY

The FREE Source Defense PCI Dashboard lets you assess, monitor and report on compliance with all aspects of 6.4.3 and 11.6.1.
Request Account

PCI Related Blog Posts & Webinars

The Urgent Need to Get MOVING for PCI DSS v4.0 Compliance

With the March 2025 deadline for PCI DSS v4.0 compliance looming, businesses face the challenge of adapting to over 50 new security requirements. Among these, eSkimming protections are crucial for safeguarding online transactions. Time is running out—begin your compliance efforts today to stay ahead of the curve and secure your payment systems.

Read More »

First of its kind research from the 2024 Verizon Payment Security Report

Essential Guide to PCI DSS 6.4.3 and 11.6.1

New research from Source Defense included in the 2024 Verizon Payment Security Report sheds light on the ever-growing use of 3 rd party digital supply chain partners in modern website design. 

Produced in collaboration with Verizon as part of the prestigious Verizon Payment Security Report (2024), this research provides crucial insights into the rise and risk of third-party scripts on modern websites. It covers essential topics such as:

  • Background and Threat Surface Analysis: Shedding light on the need to protect data at the point of input
  • Benchmarking: Exploring the use of third-party digital supply chains across the largest websites in the world 
  • Script Analysis: Breaking down the most common types of scripts found, their purpose and their prevalence
  • Risky Behaviors: Detailing behaviors which put data privacy compliance in jeopardy and make malicious attacks easy for our adversaries

Download the White Paper

Scroll
Source Defense
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.