PCI DSS 4.0, time to get serious on Magecart

The first major update to PCI DSS in 8 years requires better protection on payment pages

What is PCI DSS?

The Payment Card Industry set out their Data Security Standard which any site that handles Payment Card Data must comply with.

PCI DSS 4.0, released in March 2022, requires much more strict protections on payment pages that handle Payment Card Data.

Report URI can help you deploy technologies like CSP that will help you comply with the new PCI DSS requirements.

credit card input fields

Content Security Policy

CSP allows you to take strict control over exactly what resources are allowed to load on your site. With full control over script that can execute on your origin, you can effectively prevent attacks like those carried out by Magecart.

PCI DSS specifically calls out Content Security Policy as a suitable mechanism to 'help prevent unauthorised content'.

Many sites that were hit by Magecart would have been better off if they'd had a CSP in place. Not only can we control where script can be loaded from, we can also control where data can be sent!

credit card symbols

Some facts about us

37k+ Domains Monitored
1.25T+ Reports Processed
1k+ Alexa Top 1M Sites

Simple Pricing

Select your usage


Per Month*

Enterprise Accounts

We can tailor a package to your exact requirements with custom usage, billing and SLA. You need an enterprise account if you're looking for any of the following features, just get in touch!

  • Invoicing
  • Managed/Dedicated Instance
  • Geographic Hosting/Processing
  • Custom or Unlimited Usage
  • Support SLA
  • Custom Terms

We're Trusted By

Award Winning Service