Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover, and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org

Applicable documents by service

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Service
Network Vulnerability Assessment	2021-09-17	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Attestation of Compliance (AoC) - Salesforce.org Payment Services	2021-08-13	AWS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Responsibility Matrix - Salesforce.org Payment Services	2021-08-13	AWS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Commerce Cloud	2021-08-06	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Responsibility Matrix - Commerce Cloud	2021-08-06	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Salesforce Services	2021-07-15	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Government Cloud Show more
PCI Responsibility Matrix - Salesforce Services	2021-07-15	First party, AWS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Government Cloud Show more
PCI Attestation of Compliance (AoC) - Heroku	2021-07-08	AWS	Heroku Heroku
Network Vulnerability Assessment - Heroku	2021-07-07	AWS	Heroku Heroku
Network Vulnerability Assessment - Hyperforce APAC (South East - Australia)	2021-06-03	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce AMER (East)	2021-05-27	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce APAC (South - India)	2021-05-27	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Responsibility Matrix - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Responsibility Matrix - MuleSoft	2021-02-17	AWS	MuleSoft MuleSoft
PCI Attestation of Compliance (AoC) - Mobify	2021-02-04	First party	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Government Cloud Plus	2021-02-01	First party	Government Cloud Plus Government Cloud Plus
PCI Attestation of Compliance (AoC) - MuleSoft	2021-01-26	AWS	MuleSoft MuleSoft
PCI Responsibility Matrix - Heroku	2020-10-14	AWS	Heroku Heroku

PCI DSS

Applicable documents by service

Additional Information

Trailhead

Trust | Compliance

PCI DSS

Applicable documents by service

Additional Information

Trailhead