Payment Card Industry Data Security Standard

PCI DSS v4.0 6.4.3 and 11.6.1 Resources

In March 2022, the Payment Card Industry Security Standards Council released a revised version of its Data Security Standard, commonly known as PCI DSS v4.0. This revised version contains two new sections, 6.4.3 and 11.6.1, which offer guidance regarding 3rd, 4th, and nth party JavaScript running on your websites.

The articles, video and downloadable guide below are for anybody in the PCI DSS industry who focuses on PCI DSS security and compliance, and can be used as a resource for Qualified Security Assessors (QSA) who want to learn more about staying PCI compliant.

PCI DSS 4.0 Deadline Countdown

The deadline has passed, but we can still help you become compliant NOW!

Resources to Help You Become PCI DSS 4.0 Compliant

Schedule a Team Education Session

FREE training for your entire project team on the eSkimming requirements in PCI DSS 4.0, 6.4.3 and 11.6.1.

Sign-up Today!

You’ve got questions – we’ve got answers! Let us help you get your entire team up to speed on all things 6.4.3 and 11.6.1.

Download Your 90 Day Action Plan

There are more than 50 new requirements in PCI DSS 4.0. That’s a lot to worry about and a lot to get ready for.

Watch the Webinar, Download the Plan

Get a full understanding of scope; learn the pitfalls of “DIY” and get an immediate assessment.

CoalFire Provides PCI DSS Guidance

Read the guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.

Download the Whitepaper

CoalFire chimes in with background on the problem, guidance on scope, and advice on how to secure card data.

FREE PCI 4.0 Dashboard

Sign up and get access to the fastest and easiest way to get moving on PCI DSS 4.0 requirements 6.4.3 and 11.6.1.

REGISTER TODAY

The FREE Source Defense PCI Dashboard lets you assess, monitor and report on compliance with all aspects of 6.4.3 and 11.6.1.

PCI Related Blog Posts & Webinars

[Recording] Community Enablement for 6.4.3 and 11.6.1

Don’t Wait – Get Moving Now on eSkimming Security! There are more than 50 new requirements in PCI DSS 4.0. That’s a lot to worry about and a lot to get ready for in just a short period of time. Realistically, with an impending Q4 code-freeze, you have the next six months to tackle it all.


[Recording] A 90 Day Action Plan for 6.4.3 and 11.6.1

Don’t Wait – Get Moving Now on eSkimming Security! There are more than 50 new requirements in PCI DSS 4.0. That’s a lot to worry about and a lot to get ready for in just a short period of time. Realistically, with an impending Q4 code-freeze, you have the next six months to tackle it all.


[Recording] Go With The Payment Flow

Join us for a webinar that will dig into CoalFire’s thoughts and answer the questions you have! We’ll dig deep into the requirements found in 6.4.3 and 11.6.1. We’ll look at CoalFire’s view on what is really in scope.


[Recording] Understanding PCI DSS 4.0 in Higher Education

Join us for this informative discussion around strict new requirements for PCI DSS Compliance. We’ll examine the changes outlined in 6.4.3 and 11.6.1. You’ll leave with an actionable timeline and guidance for success that will ensure readiness and successful compliance before the looming deadline.


[Recording] PCI Dream Team Roundtable

Source Defense gathered hundreds of the world’s largest merchants, Payment Service Providers, QSACs and Card Associations to hear from a prominent group of leading thinkers in compliance and data security standards to deliberate the forthcoming tides of transformation encapsulated in PCI DSS version 4.0.


[Recording] Kick Starting PCI DSS 4.0

eSkimming is a growing threat to businesses of all sizes. This type of attack involves injecting malicious code into a website to steal credit card data as it is entered by customers. eSkimming attacks can be difficult to detect and prevent, but there are a number of steps that businesses can take to protect themselves.


The Essential Guide to PCI DSS 6.4.3 and 11.6.1

The Payment Card Industry (PCI) has given serious thought to payment page guidance in DSS v4.0. New sections including 6.4.3 and 11.6.1 indicate the seriousness of this problem.

Every security practitioner responsible for a public-facing website that accepts payments should inform themselves thoroughly of the implications of this change.

These guidelines inform organizations of the necessity to make changes now. In this guide, we dive deep into PCI DSS v4.0 and specifically:

  • New guidance, PCI 6.4.3 and 11.6.1
  • The solutions to addressing this new guidance
  • The role of proprietary script or tag-management systems
  • Why PCI made these updates in the first place
