My Oracle Support Banner

The 12 Commandments of PCI Compliance (Doc ID 1362747.1)

Last updated on JUNE 07, 2022

Applies to:

Oracle Commerce Platform - Version 2006.3 and later
Information in this document applies to any platform.


This document has been migrated from the former ATG Community and is being provided here as a courtesy to customers. The content in this document is not supported by Oracle Software Support

Payment Card Industry (PCI) Data Security Standard is a mandatory requirement for any organisation wishing to take payments for goods or services by debit or credit card. PCI compliance does not just apply to internet/ecommerce transactions but also to other channels such as brick and mortal retail, telephonic orders, or mail orders. As a commerce software vendor we are often asked how the ATG Commerce platform conforms to PCI Data Security Standards.

The ATG Commerce Platform, or any other Commerce platform, on its own is not PCI compliant; it is how the software is deployed and management of the physical environment that determines if the overall solution is PCI compliant. To help practitioners plan a PCI Compliant solution the standard includes 6 key goals which cover 12 key requirements, the 12 commandments of PCI compliance.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Build and maintain a secure network
 Protect cardholder data
 Maintain a vulnerability management program
 Implement strong access control measures
 Regularly monitor and test networks
 Maintain an information security policy

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.