Navigating the New PCI DSS 4.0 Requirements: Key Takeaways from Industry Experts
Security Boulevard, Wednesday, January 8th, 2025
With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data.
At a QSA roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes.
Understanding the New Requirements
PCI DSS 4.0 introduces two pivotal requirements-6.4.3 and 11.6.1-that focus on the security of payment pages. Compliance with these requirements is mandatory by March 2025 for all organizations handling online payments. These requirements mandate that merchants ensure the authorization and integrity of scripts on their payment pages and monitor any changes to the content or headers associated with these pages.