Thank you for choosing the Source Defense security platform to enhance your website’s protection and meet PCI 6.4.3 and 11.6.1 requirements. This document provides instructions to help you deploy the Source Defense solution efficiently and securely. By following these steps, you will ensure that your web pages are equipped with the necessary safeguards to prevent potential threats and maintain compliance with modern security standards.
The deployment process involves simple but crucial steps, including the installation of an HTML <script> tag and updating your Content Security Policy (CSP) settings, where applicable. Each section of this guide provides detailed directions, best practices, and examples to make the implementation process as seamless as possible.
We recommend carefully reviewing the instructions and adhering to the provided guidelines to guarantee optimal performance and security. If you have any questions or encounter challenges during the setup, our support team is available to assist you at every step of the way. Contact Support
Let’s get started.
General
The deployment of the Source Defense security platform consists of several simple steps per domain –
- Install the provided HTML <script> tag at the top of the <HEAD> element of desired pages (for Protect – Limited, this is only required on pages containing payment buttons and/or fields).
- When applicable – update your CSP whitelist to include Source Defense.
Step 1 – Install the HTML <script> tag
The Source Defense platform HTML <script> tag will be placed once in the top of the <HEAD> element of the page.
When placing the tag, make sure to follow the below guidelines –
- The tag must be implemented as is, and any change could affect the security of the website
- All requests must be HTTP; by design, Source Defense will not execute on websites using plain-text HTTP connections due to security considerations
- The tag must be placed at the top of the <HEAD> element above any other JavaScript
- The tag must load synchronously, Do not add the ‘defer’ property or any other properties to the tag
Tag structure and variables
Below is an example of the main Source Defense HTML <script> tags. The parameters in purple should be replaced with the actual values for your account. The values for your account have been provided in a separate email.
Example of Source Defense tag for a Full SaaS deployment:
<script>
vice = {
config: {
viceAccountId: “accountId”,
viceSiteId: “siteId”,
viceSectionId: “sectionId”
}
}
</script>
<script src=”//vice-prod.sdiapi.com/vice_loader/accountId/siteid”></script>
Tag variables:
AccountId: The ID of your account in the platform as provided to you by Source Defense support. The AccountId can only contain letters and numbers with no spaces.
SiteId: The ID of your site in the platform as provided to you by Source Defense support. The SiteId can only contain letters and numbers with no spaces.
Step 2 – Update CSP
In case your web properties are using content security policy (CSP). You will need to whitelist the Source Defense domains in your policies to make sure the platform is not blocked by them.
Please add *.sdiapi.com and *.sdiapi.net to the following CSP directives:
- script-src
- connect-src
- frame-src
- worker-src
- frame-ancestors
We’re Here to Help
Call 1 800 831 6660 or
What our clients are saying about us
“Never any issues with you guys! Things just work.”
“Customer service is a really big deal to us, and I am glad to do business with a company that obviously takes it as seriously as we do.”
“We’re happy with the IVR Payment system and it has been working well for us. Recently we also setup your newest SMS (text) receipts and found it to work great.”
“I want to command you and your team at Datatel on the job just completed for Tele-Response Center. The attention to detail and professionalism with which you approached the project was exemplary and greatly appreciated especially considering the several applications that needed to be implemented on short notice. Thanks again for your assistance getting this project off the ground so smoothly.”
“My team and I would like to commend Datatel on creating an IVR application that adds great value to our new Travel product. Your knowledge, input and expertise in IVR scripting, call flow management and overall IVR logistics made the development and implementation stages extremely easy to manage. Thank you for a well executed campaign that was launched on time and on budget.”
“Great team to work with. I look forward to utilizing some additional capabilities in the future.”
“We are very grateful for many years of mutually beneficial business relationship with Datatel and for impeccable customer service we have received during these years.”
“We, Standard Life, very much appreciated Datatel’s expertise, knowledge and support as we worked through the development and implementation stages. Our Clients appreciate the simplicity of the capability, while gathering very valuable feedback. Thanks for making this a very positive experience.”
“This was one of the best implementations I have been a part of. The communication was excellent and everything was responded to and dealt with swiftly. A real pleasure. We are looking forward to the impact this will have on our patient payments! Thank you!”
