The Changelog   /     Securing ecommerce: "It's complicated" (Interview)

Ilya Grigorik and his team at Shopify has been hard at work securing ecommerce checkouts from sophisticated news attacks (such as digital skimming) and he’s here to share all the technical intricacies and far-reaching implications of this work.

Join the discussion

Changelog++ members save 7 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

• Retool – The low-code platform for developers to build internal tools — Some of the best teams out there trust Retool…Brex, Coinbase, Plaid, Doordash, LegalGenius, Amazon, Allbirds, Peloton, and so many more – the developers at these teams trust Retool as the platform to build their internal tools. Try it free at retool.com/changelog
• Augment Code – Developer AI that uses deep understanding of your large codebase and how you build software to deliver personalized code suggestions and insights. Augment provides relevant, contextualized code right in your IDE or Slack. It transforms scattered knowledge into code or answers, eliminating time spent searching docs or interrupting teammates.

Featuring:

• Ilya Grigorik – Website, GitHub, X
• Jerod Santo – GitHub, LinkedIn, Mastodon, X

Show Notes:

• Powering Shopify’s High-Performance, PCI DSS v4 Compliant Checkout with Sandboxing
• PCI Compliance: What Is It and Everything Retailers Need to Know
• PCIv4: SRI gaps and opportunities - Google Docs
• Shopify/remote-dom

Something missing or broken? PRs welcome!