Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover, and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org

Applicable documents by service

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Service
PCI Attestation of Compliance (AoC) - Salesforce.org Payment Services	2022-08-08	AWS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Responsibility Matrix - Salesforce.org Payment Services	2022-08-08	AWS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Heroku	2022-08-05	AWS	Heroku Heroku
PCI Responsibility Matrix - Heroku	2022-08-05	AWS	Heroku Heroku
PCI Responsibility Matrix - Commerce Cloud	2022-08-01	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Network Vulnerability Assessment - Hyperforce AMER (Canada)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce AMER (US East 1)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce AMER (US West 1)	2022-07-20	Hyperforce	Salesforce Services and Additional Services Salesforce Services and Additional Services
Network Vulnerability Assessment - Hyperforce APAC (South East - Australia)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce APAC (South East - Singapore)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce APAC (South - India)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce EMEA (France)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce EMEA (Germany)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce EMEA (UK)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce LACA (Brazil)	2022-07-20	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Attestation of Compliance (AoC) - Commerce Cloud	2022-07-20	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Salesforce Services	2022-07-20	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Salesforce Government Cloud Show more
PCI Responsibility Matrix - Salesforce Services	2022-07-20	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Salesforce Government Cloud Show more
Network Vulnerability Assessment - Commerce Cloud	2022-07-19	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Network Vulnerability Assessment - Core	2022-07-19	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - MuleSoft	2022-07-19	AWS	MuleSoft MuleSoft
Network Vulnerability Assessment - Salesforce.org Payment Services	2022-07-19	AWS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Responsibility Matrix - Salesforce Services on Hyperforce	2022-03-02	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce	2022-03-01	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Responsibility Matrix - MuleSoft	2022-02-01	AWS	MuleSoft MuleSoft
PCI Attestation of Compliance (AoC) - Mobify (Commerce Cloud Managed Runtime)	2022-01-13	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Network Vulnerability Assessment - Hyperforce APAC (North East - Japan)	2022-01-12	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Heroku	2022-01-11	AWS	Heroku Heroku
PCI Attestation of Compliance (AoC) - MuleSoft	2022-01-06	AWS	MuleSoft MuleSoft
PCI Attestation of Compliance (AoC) - Government Cloud Plus	2021-02-01	AWS	Salesforce Government Cloud Plus Salesforce Government Cloud Plus

PCI DSS

Applicable documents by service

Additional Information

Trailhead

Trust | Compliance

PCI DSS

Applicable documents by service

Additional Information

Trailhead