Payment Card Industry Data Security Standard

PCI DSS v4.0 6.4.3 and 11.6.1 Resources

In March 2022, the Payment Card Industry Security Standards Council released a revised version of its Data Security Standard, commonly known as PCI DSS v4.0. In this revised version are two new sections, 6.4.3 and 11.6.1 which offer guidance regarding 3rd, 4th, and nth party JavaScript running on your websites.

The Essential Guide to PCI DSS 6.4.3 and 11.6.1

Essential Guide to PCI DSS 6.4.3 and 11.6.1The Payment Card Industry (PCI) has given serious thought to payment page guidance in DSS v4.0. New sections including 6.4.3 and 11.6.1 indicate the seriousness of this problem.

Every security practitioner responsible for a public-facing website that accepts payments should inform themselves thoroughly of the implications of this change.

These guidelines inform organizations of the necessity to make changes now. In this guide, we dive deep into PCI DSS v.4.0 and specifically:

  • New guidance, PCI 6.4.3 and 11.6.1
  • The solutions to addressing this new guidance
  • The role of proprietary script or tag-management systems
  • Why PCI made these updates in the first place

Download the Guide

Scroll