1. Docs
  2. PCI DSS Library
  3. 6.4.3 (b) - Script Authorization

6.4.3 (b) - Script Authorization

Ensuring Only Trusted Scripts Operate

Once you’ve established a script inventory, it's crucial to implement a mechanism guaranteeing that only these authorized scripts are allowed to execute on your payment pages. You can achieve this through various approaches, but the key is having a control system in place.

This control is particularly paramount as many skimming attacks involve unauthorized scripts injected from attacker-controlled domains. These malicious scripts are designed to steal sensitive information, such as credit card details. By enforcing strict script authorization, you create an impenetrable barrier that prevents such unauthorized scripts from executing, thereby significantly reducing the risk of data breaches and protecting your customers’ sensitive information.

By browsing this website, you agree to the Terms of Service and Privacy Policy