Wondering if anyone can shed any light on if using google tag manager is compliant with PCIDSS?
I know there are provisions in it to ensure tags cannot be injected, such as securing servers, xss protections etc, but can't find anything on if a tag manager which enables dynamic html changes is ok or not.
I can see both arguments...
