Safe Commerce Requirements

  1. Requirements of the Safe Commerce certification:
  2. Systems must be on a secure network.
  3. If Cardholder data is stored it must be behind a suitably strong firewall, configured to protect the data.
  4. Default passwords must not be used on the system.
  5. Cardholder data must be encrypted during transmission.
  6. A Vulnerability Management Program must be implemented.
  7. Antivirus software must be used.
  8. Access to cardholder data by business need-to-know
  9. All persons with access to the data must have unique authentication details
  10. Physical access to cardholder data must be restricted.
  11. Track and monitor all access to network resources and cardholder data
  12. Maintain an information security policy
  13. Maintain a policy that addresses information security