Jscrambler launches free tool for faster compliance with new PCI DSS anti-skimming requirements


Share post:

Jscrambler, a leading solution for JavaScript protection and real-time webpage monitoring, today announces the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and simple compliance coupled with proactive security measures to prevent web skimming and Magecart attacks.

Jscrambler is a PCI Security Standards Council Principal Participating Organization, and Pedro Fortuna, Jscrambler’s CTO and co-founder, was recently elected a member of the PCI SSC Board of Advisors attesting the relevance of Jscrambler’s 13+ years’ work on client-side security and its importance to the payment industry.

Jscrambler’s team of JavaScript experts has worked to create a solution that will directly ensure compliance with requirements 6.4.3 and 11.6.1 of PCI DSS v4.0. With the new PCI DSS v4.0 requirements already in the public domain, organizations need to prioritize this transition while simultaneously adopting proactive measures to protect their customer’s payment card information. Although the new requirements in PCI DSS are not mandatory until April 2025, they are indicated as “best practices” until this date. Combining the trifecta of technology, people, and processes, Jscrambler’s solution provides teams with the flexibility and agility they require to meet these deadlines without compromising other priorities.

To meet the new anti-skimming requirements of PCI DSS v4.0, which includes ensuring script integrity, maintaining an up-to-date inventory of payment/parent pages’ scripts, and alerts for any tampering attempts, Jscrambler’s new tool offers advanced visibility to easily monitor and authorize vendors and scripts, while providing effortless and detailed reporting logs to demonstrate compliance to PCI Security Assessors (ISAs and QSAs) and internal compliance teams.

Web skimming attacks continue to plague organizations that have an e-commerce store, with attackers launching campaigns to hit as many targets as possible by injecting malicious code into websites via third-party providers. Jscrambler’s research has shown that in recent months the modus operandi for three of the most prolific cybercriminal groups has evolved as they seek more innovative ways to compromise targets. As a result, and if successful, these attacks can go undetected for months, potentially resulting in reputation damage and heavy fines.

Working with Jscrambler, organizations get peace of mind as security teams can configure and manage multiple websites and payment pages in one place, further streamlining compliance visibility and reporting. To stay one step ahead, and ensure that organizations maintain a secure environment, teams can react promptly due to immediate alerts on any modifications to HTTP headers, integrity breaches or adding of new vendors.

Also Read: Happy 5th Birthday, GDPR: Top 3 GDPR Compliance Software Solutions

Pedro Fortuna, Co-founder and CTO at Jscrambler, comments: “With all organizations across the globe that take online payments needing to be fully compliant with the new PCI DSS v4.0 requirements by early 2025, it is imperative that they take action now to identify where any gaps in their security defenses are and take proactive steps to mitigate them. This is no small undertaking for any organization, however, with the release of this tool, backed up by the first-hand expertise of our team in JavaScript, and our experience in dealing with application security challenges in the payment industry, we are empowering organizations to make informed decisions and giving them unparalleled control over data protection.” 

“Jscrambler is a trusted partner for businesses working to secure payment card data and to achieve PCI DSS compliance. Jscrambler’s resources allow organizations of all sizes to ensure client-side security is constantly safeguarded, effectively protecting organizations and their customers” says John Elliott, Jscrambler Advisor and one of the authors of PCI DSS v4.0. “I’m delighted to work closely with the team to ensure we’re developing one of the most advanced solutions in the market.”

TalkDev Bureau
TalkDev Bureau
The TalkDev Bureau has five well-trained writers and journalists, well versed in B2B enterprise technology industry, and constantly in touch with industry leaders for the latest trends, opinions, and other inputs- to bring you the best and latest in the domain.

Related articles

VHDL vs Verilog: A Comparative Analysis

VHDL (VHSIC Hardware Description Language) and Verilog: despite serving the same key purposes, each has nuances, strengths, and...

Neptune Software Revolutionizes SAP App Development with No-Code and Low-Code Platforms

Firms need to digitize and optimize their operations at scale to stay competitive. Neptune Software offers a no-code...

Opreto Corporation Achieves AWS Select Tier Partner Status, Improving Cloud Solutions for Customers

Opreto Corporation has achieved Amazon Web Services (AWS) Select Tier Partner status within the AWS Partner Network (APN)...

Aurora Labs Unveils LOCI 2.0: The Next-Gen AI Advisor Engineer Revolutionizing Software Development

Aurora Labs has unveiled a technical preview of the extended version of LOCI (Line-of-Code Intelligence™), which is an...