PCI-DSSv4 Compliance
Be prepared for PCI-DSS v4
PCI-DSS applies to all entities that store, process and/or transmit cardholder data. In view of newer cyber threats such as Magecart and card skimming, version 4 was released on 31 Mar 2022 with additional requirements. All new requirements are mandatory after 31 Mar 2025.
What Is PCI-DSS Compliance?
The PCI-DSS Compliance is an important set of information security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure cardholder data environment (CDE).
our benefit
Benefits Of PCI-DSS Compliance
Check out a quick demo of the WebOrion® Accelerator in action.
Reduced risks of data breaches of Primary Account Numbers (PAN) which are critical in PCI-DSS
Greater customer confidence
Avoidance of fines and penalties
Compliance to global security standards
New: Monitor HTTP headers for Change and Tamper in Clause 11.6.1
HTTP headers contain important security settings such as Content Security Policies (CSP), Strict Transport Security (HSTS), X-Content-Type-Options, etc. Monitor these settings proactively 24×7 and be alerted to any unauthorized changes to HTTP Headers.
New: Monitor SSL certificates and ciphers used in TLS encryptions in Clause 4.2.1
In view of these threats, PCI-DSS v4 has now listed the monitoring of Payment Pages as a requirement.
New: Monitor Payment Scripts in Clause 6.4.3.
Our Monitor will proactively check your payment scripts 24×7 and make sure they are authorized, unmodified and justified. Our Monitor will alert you of any changes to the integrity of the payment scripts.
Get Instant Visibility of Your Web Software Supply Chain and Inventory in Clauses 6.3.2 and 6.4.2
Your online website may contain 1st party (local to web server or domain), 3rd party(outside organization’s domain) or even 4th party scripts (activated by 3rd party scripts). Any single vulnerability to any of these scripts can severely impact the functionality and look-and-feel of the website. Get instant visibility and inventory of your critical scripts to ensure minimal risks to your website.
Be compliant to PCI-DSS v4
In view of these threats, PCI-DSS v4 has now listed the monitoring of Payment Pages as a requirement.
12 Other Requirements For PCI-DSS
PCI-DSS has many stringent requirements ranging from firewalls, secure cryptograph, change and temper detection etc, to ensure that Cardholder Data (CHD) and Sensitive Authentication Data (SAD) are well protected and secure during storage, transmission and processing.
