The Growing Threat of E-Skimming: Why March 2025’s PCI Deadline Matters
by Source Defense The landscape of payment security is at a critical turning point. As we approach the March 31, 2025 PCI compliance deadline for
Payment Card Industry Data Security Standard
PCI DSS v4.0 6.4.3 and 11.6.1 Resources
In March 2022, the Payment Card Industry Security Standards Council released a revised version of its Data Security Standard, commonly known as PCI DSS v4.0. In this revised version are two new sections, 6.4.3 and 11.6.1 which offer guidance regarding 3rd, 4th, and nth party JavaScript running on your websites.
The articles, video and downloadable guide below are for anybody in the PCI DSS industry who focus on PCI DSS security and compliance and can be used as a resource for Qualified Security Assessors (QSA) who want to learn more about staying PCI compliant.
PCI DSS 4.0 Deadline Countdown
Days
Hours
Minutes
Seconds
Resources to Help You Become PCI DSS 4.0 Compliant
Schedule a Team Education Session
FREE training for your entire project team on the eSkimming requirements in PCI DSS 4.0 requirements 6.4.3 and 11.6.1.
[FLIP]
[FLIP]
Sign-up Today!
You’ve got questions – we’ve got answers! Let us help you get your entire team up to speed on all things 6.4.3 and 11.6.1
Sign Up
Download Your 90 Day Action Plan
There are more than 50 new requirements in PCI DSS 4.0. That’s a lot to worry about and a lot to get ready for.
[FLIP]
[FLIP]
Watch the Webinar, Download the Plan
Get a full understanding of scope; learn the pitfalls of “DIY” and get an immediate assessment.
Get the Action Plan
CoalFire Provides PCI DSS Guidance
Read the guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.
[FLIP]
[FLIP]
Download the Whitepaper
CoalFire chimes in with background on the problem, guidance on scope, and advice on how to secure card data.
Get the Whitepaper
FREE PCI 4.0 Dashboard
Sign-up and get access to the fastest and easiest way to get moving on PCI DSS 4.0 requirements 6.4.3 and 11.6.1,
[FLIP]
[FLIP]
REGISTER TODAY
The FREE Source Defense PCI Dashboard lets you assess, monitor and report on compliance with all aspects of 6.4.3 and 11.6.1.
Request Account
PCI Related Blog Posts & Webinars
[Recording] A Rapid Action Plan for PCI eSkimming Compliance
Discuss New Trends in eSkimming: Recent reports show a 103% surge in attacks; card associations are saying 80+% of fraud is eSkimming related; Source Defense and Verizon have partnered to shed light on the growing threat surface – learn why the time to act is NOW.
The Urgent Need to Get MOVING for PCI DSS v4.0 Compliance
With the March 2025 deadline for PCI DSS v4.0 compliance looming, businesses face the challenge of adapting to over 50 new security requirements. Among these, eSkimming protections are crucial for safeguarding online transactions. Time is running out—begin your compliance efforts today to stay ahead of the curve and secure your payment systems.
Navigating PCI DSS 4.0: Insights from Industry Experts on Client-Side Security
With the March 2025 PCI DSS 4.0 deadline looming, organizations face new challenges, particularly in securing against eSkimming threats. At a recent Source Defense roundtable, industry experts shared crucial insights on navigating these changes. Learn how to prepare for compliance and protect your organization from emerging client-side security risks.
A VikingCloud Technical Solution Review for the Payment Card Industry (PCI)
Read what VikingCloud has to say about the Source Defense approach to eSkimming Security. As the pioneer in the field, Source Defense supports more than 1,000 of the world’s leading brands with a unique, prevention first, set-it and forget-it solution.
Polyfill – Additional Analysis and Discovery: Signs of PII and Credential Harvesting, Broad Exposure through Digital Supply Chain
With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data. At a recent roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes.
Navigating the New PCI DSS 4.0 Requirements: Key Takeaways from Industry Experts
With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data. At a recent roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes.
First of its kind research from the 2024 Verizon Payment Security Report
New research from Source Defense included in the 2024 Verizon Payment Security Report sheds light on the ever-growing use of 3 rd party digital supply chain partners in modern website design.
Produced in collaboration with Verizon as part of the prestigious Verizon Payment Security Report (2024), this research provides crucial insights into the rise and risk of third-party scripts on modern websites. It covers essential topics such as:
- Background and Threat Surface Analysis: Shedding light on the need to protect data at the point of input
- Benchmarking: Exploring the use of third-party digital supply chains across the largest websites in the world
- Script Analysis: Breaking down the most common types of scripts found, their purpose and their prevalence
- Risky Behaviors: Detailing behaviors which put data privacy compliance in jeopardy and make malicious attacks easy for our adversaries
