New PCI Rules Force Runtime Script Controls
🔒 An independent PCI assessor evaluated Reflectiz against the updated PCI DSS requirements and found it effectively supports merchant compliance. Modern checkouts load many third-party scripts, any of which can be turned into skimmers, and PCI DSS v4.0.1 introduces controls to inventory, authorize, and detect tampering of payment-page scripts. The QSA highlighted Reflectiz’s behavior-based detection, agentless deployment, and one-click QSA-ready evidence as key strengths, while SAQ A exemptions remain limited for iframe integrations.
