Elavon, a global leader in payment processing, has officially announced a partnership with Jscrambler, a pioneer in client-side protection and compliance, to help merchants comply with PCI DSS requirements 6.4.3 and 11.6.1.
Under the agreed terms, Elavon’s network of more than 400 merchants will be able to leverage Jscrambler’s Client-Side Protection and Compliance Platform, all for the purpose of safeguarding their business from escalating web skimming attacks. More on that would reveal how, thanks to Jscrambler’s Client-Side Protection and Compliance Platform and PCI DSS solution, merchants can seamlessly meet PCI DSS requirements.
To understand the significance of such a development, we must take into account a report from Recorded Future’s Insikt Group, a report where it was revealed that Magecart infections surged by 103% over the first half of 2024. This, in turn, has inflicted serious burden on e-commerce and payment industries in the context of securing client-side environments.
“As attackers increase their focus on merchants’ payment pages, Elavon is not only raising awareness, it’s taking action to help deliver solutions to mitigate these damaging attacks,” said Carlos Gonçalves, VP of Partnerships & Growth at Jscrambler. “Their trust in our PCI DSS compliance expertise and our innovative platform will enable us to bring Jscrambler’s industry-leading client-side protection to Elavon’s merchants, strengthening their payment security and the larger digital payment ecosystem.”
Taking a deeper view of how Jscrambler’s PCI DSS solution will aid things in the present situation, we begin from its promise to provide script management. This shows how the solution can effectively auto-discover and authorize payment page scripts so to reduce manual approvals by grouping vendor behaviors.
Next up, there is potential for skimming prevention. Here, the technology blocks unauthorized data access in real-time, protecting against web skimming, and formjacking.
Another detail worth a mention is rooted in the potential for intelligent tamper detection. This translates to how the solution in question can monitor HTTP headers and page content before alerting on unauthorized changes via email, SIEM, or Slack.
Hold on, we still have a few bits left to unpack, considering we haven’t yet touched upon the technology’s hybrid architecture. In essence, Jscrambler’s proprietary solution arrives bearing the means to support agentless and agent-based deployment. The idea behind that stems from help users achieve flexibility, and therefore, enable rapid compliance for complex or acquired payment pages.
We also haven’t touched upon the innovation’s comprehensive PCI DSS Expertise. You see, the technology features direct access to former PCI Security Standards Council members and a strong bench of PCI DSS experts.
Rounding up highlights would be an underlying QSA Alliance Program, which provides access of enablement sessions, assessor forums, and inventory reports to streamline audits.
Among other things, we ought to mention how, on May 20, Jscrambler and Elavon will be hosting a webinar titled “Mastering PCI DSS Requirements 6.4.3 and 11.6.1: Practical Solutions for Merchant Compliance”, where executives will delve into the value of partnership in greater detail, while simultaneously unlocking greater insights on PCI DSS v4.0.1 requirements and Jscrambler’s PCI DSS solution. The session will feature John Elliott (Jscrambler Security Advisor), Gareth Bowker (Jscrambler Technical Advisor), and Andrew McCarroll (Elavon PCIP Customer Payment Security Executive).
“Our vast network of merchants is increasingly aware of the growing threats targeting payment pages and the growing urgency to take action by following the guidance set forth by PCI DSS and specifically requirements 6.4.3 and 11.6.1,” said Andrew McCarroll, PCIP Customer Payment Security Executive at Elavon. “By partnering with Jscrambler, Elavon is offering merchants easy access to Jscrambler’s PCI DSS solution. Built on Jscrambler’s decade of client-side security experience and its role as a trusted PCI SSC advisor, the solution secures payment environments so merchants can fend off skimming attacks and ensure ongoing customer trust.”
