Know exactly what is running on your checkout page
TagSense audits every tag and every network domain called from your /checkout, /payment, and /order-confirmation pages. Unknown domains are flagged Critical. Catches Magecart-style injections before customer payment data is at risk.
Payment page security features
Full payment page tag audit
Every tag firing on /checkout, /payment, and /order-confirmation listed with name, type, vendor, and fire count.
Domain allowlist monitoring
All network domains called from payment pages. Any domain not in your approved vendor list is flagged automatically.
Unknown domain alerts
New or unrecognised domains calling out from payment pages are flagged as Critical severity and trigger an immediate alert.
Tag execution timeline
See the exact order and timing of every tag firing on your payment pages - with millisecond precision.
CSP violation log
Content Security Policy violations captured in real time - blocked URIs, violated directives, and occurrence count.
Change detection
Tags appearing for the first time on payment pages are flagged automatically via BigQuery first-seen date tracking.
Real story: Magecart-style domain caught on /checkout
A Magecart-style domain starts making calls from the /checkout page after a compromised third-party library update. TagSense Security flags the unknown domain "analytics-cdn-fast.net" in the Payment Page Audit within hours of it appearing.
The tech lead identifies the injected script, resets their GTM workspace, and removes the malicious tag. Customer payment data was not compromised because the breach was caught immediately. Without TagSense, this would have gone undetected for months.
Add payment page security to your monthly checklist
Payment page security audit is included in the Pro plan. Start free to see your overall security score.