This article explains the additional security steps required when a form includes both (1) a payment field and (2) customer-supplied JavaScript. Customer-supplied or custom JavaScript is any script added by your organization to a form (as opposed to Intellistack-provided scripts).
Security Standards
To protect sensitive cardholder data, industry security standards (specifically PCI DSS v4.0) include controls for JavaScript codes that run on pages that capture payment information. Some of those controls are ensuring that scripts are authorized, justified, and monitored. These measures are designed to prevent malicious scripts from interfering with your payment forms or compromising customer data.
If your organization adds custom JavaScript to a payment-enabled form, your organization is responsible for reviewing, authorizing, and monitoring that code.
The Authorization Workflow
When a form contains both a Payment Field and Custom JavaScript, the following security controls apply:
1. Code Editing Lock
To prevent accidental or unauthorized changes to scripts on payment-enabled forms, the JavaScript editor is locked by default.
- Action: You must manually select "Enable Editing" to modify existing code or add new scripts to these forms.
2. Mandatory Business Justification
Before you can publish or save changes to a script on a payment-enabled form, you must provide a Business Justification.
- Requirement: Enter a clear reason for the script's use (e.g., "Calculates custom discounts" or "Analytics tracking").
- Recordkeeping: This justification is recorded as part of your organization's security audit trail.
Note: If the user chooses to Cancel this dialogue or closes the page without entering a justification and confirming the change, the form will not be updated (and new forms will not be published)
3. Automated Security Notifications
When custom code is authorized on a payment form, an automated notification is sent to the Salesforce System Administrators and the Primary User.
- Details Included: The notification includes the form name, the user who authorized the change, your business justification, and a copy of the active code.
- Purpose: This alert enables your organization’s security personnel to validate that all scripts on your payment pages are safe and intended.
Note: You should retain this email for your compliance records.
Your Responsibilities
Best practices include:
- Verify Authorization: Confirm the script and the business justification align with your organization’s security policy.
- Regular Review: Periodically confirm that active scripts are still necessary and up to date.
- Incident Response: Immediately disable any script that shows unexpected behavior or is no longer approved.