Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover, and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org

Applicable services and documents

Sort by: Document	Sort by: Last Updated	Service
Network Vulnerability Assessment	2020-12-20	B2B Commerce Einstein Analytics Salesforce Services
Network Vulnerability Assessment - Heroku	2020-12-03	Heroku
PCI Responsibility Matrix - Heroku	2020-10-14	Heroku
PCI Attestation of Compliance (AoC) - Salesforce.org Elevate	2020-08-13	Salesforce.org Elevate
PCI Attestation of Compliance (AoC) - Commerce Cloud	2020-08-07	B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Salesforce Services	2020-07-15	B2B Commerce Einstein Analytics Government Cloud Salesforce Services
PCI Responsibility Matrix - Salesforce Services	2020-07-15	B2B Commerce Einstein Analytics Government Cloud Salesforce Services
PCI Attestation of Compliance (AoC) - Heroku	2020-07-08	Heroku
PCI Attestation of Compliance (AoC) - MuleSoft	2019-12-12	MuleSoft
PCI Responsibility Matrix - Commerce Cloud	2019-10-01	B2C Commerce / Commerce Cloud

PCI DSS

Applicable services and documents

Additional Information

Trailhead

Trust | Compliance

PCI DSS

Applicable services and documents

Additional Information

Trailhead