Jscrambler Announces PCI DSS Quick Start Program to Ensure Zero Friction Compliance with PCI DSS Version 4

Program Simplifies Merchant and PSP Compliance for PCI DSS Requirements 6.4.3 and 11.6.1

PORTO, Portugal, Aug. 6, 2024 /PRNewswire/ -- Jscrambler, the pioneering platform for client-side protection, today announced its PCI DSS Quick Start Program. In accordance with Jscrambler's Zero Friction vision, the company has released the industry's only program aimed at addressing the practical operational challenges of PCI DSS Compliance while enabling merchants and PSPs to quickly comply with Payment Card Industry (PCI) Data Security Standard (DSS) requirements 6.4.3 and 11.6.1.

New PCI DSS version 4 requirements 6.4.3 and 11.6.1 require securing payment pages to protect against client-side web skimming attacks. According to Visa's Spring 2023 Biannual Threats Report, web skimming attacks targeting E-commerce checkout page customer data increased by 174% in the last half of 2022. While skimming attacks continue to grow, preventative solutions alone are not enough. During the recent webinar, titled, Coalfire reviews the Jscrambler platform in meeting PCI DSS requirements 6.4.3 & 11.6.1, over 85% of poll respondents reported ease of use as the primary criteria when selecting a vendor. In response, Jscrambler has released its new PCI DSS Quick Start Program, which enables a more frictionless PCI DSS process while making it faster and simpler for merchants to comply.

"As web skimming attacks continue escalating, merchants must take action to secure e-commerce payment pages and protect their sites. With its latest requirements 6.4.3 and 11.6.1, PCI Security Standards Council (SSC) is providing critical guidance that can help businesses mitigate these outside threats. But with the organization's March 2025 deadline fast approaching, companies should aim to comply quickly to avoid any potential repercussions," said Jscrambler CEO, Rui Ribeiro. "Our new PCI DSS Quick Start program was designed in response to those urgently needing a solution to meet the impending deadlines. It delivers a frictionless approach allowing merchants to easily and cost-effectively achieve compliance, while also offloading the ongoing management that comes with maintaining compliance."

The PCI DSS Quick Start Program includes the following to accelerate cost-effective compliance:

• Payment Page Inventory Report (Prepare): Upfront automated analysis of an organization's payment page script inventory, detailing script data access and exfiltration. This optional report is delivered within 48 hours of the request to baseline existing scripts, and authorization processes.
  
  
• Unified Hybrid Architecture (Deploy): A unified agent and agentless architecture is delivered to meet the specific risk and compliance requirements of each payment page. This flexible delivery model keeps architectural options open, and avoids architectural lock-in, as requirements change over time.
  
  
• Automated Payment Page Compliance (Comply): Payment page analysis will be run periodically to meet the recurrence requirements outlined by PCI DSS. Customers receive everything needed to comply with PCI DSS requirements 6.4.3 and 11.6.1.
  
  
• QSA Payment Page Inventory Tool (Verify): The payment page inventory tool arms your Qualified Security Assessor (QSA) with a real-time analysis and inventory report of each payment page vendor, script, and iframe. These reports are available to QSAs to help verify compliance.
  
  
• Delegated Compliance (Manage): All manual time-intensive script authorization processes can be offloaded from business stakeholders to Jscrambler operational staff. Jscrambler works with each customer to establish agreed-upon authorization policies and processes that enable expedited authorization review and approval.

Jscrambler's PCI DSS Quick Start Program will be offered through March 31, 2025, when the requirements go into effect. To learn more about the program, please contact a Jscrambler representative here.

For more detailed information on the program, read the PCI DSS Quick Start Program blog here, and watch Jscrambler's webinar, 5 Simple Steps to Zero Friction PCI DSS Compliance.

About Jscrambler
Jscrambler is the leader in Client-Side Protection and Compliance. Jscrambler is the first to merge advanced polymorphic JavaScript obfuscation with fine-grained third-party tag protection in a unified Client-Side Protection and Compliance Platform. Jscrambler's integrated solution ensures a robust defense against current and emerging client-side cyber threats, data leaks, misconfigurations, and IP theft, empowering software development and digital teams to securely innovate online with JavaScript. Jscrambler's Code Integrity product safeguards first-party JavaScript through state-of-the-art obfuscation and exclusive runtime protection. Jscrambler's Webpage Integrity product mitigates threats and risks posed by third-party tags, all while ensuring compliance with the new version 4 of PCI DSS. With Jscrambler, businesses adopt a unified, future-proof client-side security policy, all while achieving compliance with emerging security standards.  Jscrambler serves a diverse range of customers, including top Fortune 500 companies, online retailers, airlines, media outlets, and financial services firms whose success depends on safely engaging with their customers online.

For more information, visit www.jscrambler.com, or follow Jscrambler on LinkedIn or X.   

CONTACT:
Doug Fraim
Guyer Group for Jscrambler
[email protected]

SOURCE Jscrambler