PCI DSS v4.0 · Requirement 6.4.3 · 11.6.1
Pass your PCI 6.4.3 review in 10 minutes.
Free scan of any checkout page. One-page audit-ready PDF report your acquirer will accept. No installation. No card data ever leaves your site.
- Built for SMB merchants on WooCommerce, Shopify and custom checkouts.
- QSA-ready evidence export — script inventory, SRI coverage, CSP status.
- Out of PCI scope by design. We watch scripts; we never touch card data.
How it works
- 1
Paste your checkout URL
We load it in a real headless Chrome — exactly what a customer sees.
- 2
We inventory every script
Static, dynamic, third-party, inline. We hash each one and snapshot your CSP.
- 3
You get a PDF report
One page. Audit-ready. Mapped to PCI 6.4.3 and 11.6.1 evidence requirements.
What's in the report
- Script inventory. Every script that ran on your checkout, with SHA-384 hash and source.
- SRI coverage. Which scripts have integrity hashes, which don't.
- CSP snapshot. Whether you have a Content Security Policy and what it allows.
- Risk score. A 0–100 score mapped to PCI 6.4.3 and 11.6.1 evidence.
- Plain-English remediation. What to fix, in the order to fix it.
See a sample report (PDF, 1 page) — what we'd send for a typical small WooCommerce checkout.