Digital skimming, formjacking, e-Skimming, Magecart - these are all methods used to steal credit card data and PII from transaction oriented websites. These attacks occur within the browser, happen while data is at the point of entry rather than in transit or at rest, and are happening at such pace that the PCI Council has signaled that client-side security should be a core concern with the changes found in 4.0.
Join Matt McGuirk, solution architect, Office of the CTO, on July 28, 2022, for a deep dive into how these attacks occur; a breakdown of the current technical environment surrounding client-side security; and analysis of the guidance found in 6.4.3 and 11.6.1 that will help you give consistent and comprehensive guidance to your clients.
The PCI Council has made client-side security a major focus of PCI DSS 4.0.
Sections 6.4.3 and 11.6.1 specifically call for preventative measures to close the security gaps that facilitate client-side attacks. Currently, these sections are not required for businesses to be compliant, but they will be in the not too distant future.
Join Source Defense, the pioneer in client-side security, for an in-depth look into the issue so that you can best inform your clients as to how to address this critical attack surface.