Legal Information & Resources Legal Terms & Conditions Authorized Service Providers (Partners) Distributors and Affiliates Policies Privacy Policy Cookie Policy Compliance California Consumer Privacy Act (CCPA) Disaster Recovery & BCP GDPR PCI DSS PrivacyMark SOC 1 SOC 2 Other EU Standard Contractual Clauses (DR Hosted) UK Standard Contractual Clauses (DR Hosted) Shipping Addendum EU Standard Contractual Clauses for Commerce and Connector Solutions EU Standard Contractual Clauses for Authorized Service Providers UK Standard Contractual Clauses for Commerce and Connector Solutions UK Standard Contractual Clauses for Authorized Service Providers Data Handling Exhibit Data Handling Standards Payment Addenda Approved ECCNs Prohibited Goods and Services Guidelines & Best Practices

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org.

Digital River complies to the highest standard as a Level 1 Service Provider and Merchant. We undergo exhaustive annual audits and monthly scans by qualified assessors. To ensure compliance requirements and protect your customers, Digital River:

Builds and maintains a secure network and systems
Tokenizes and protects cardholder data
Maintains a vulnerability management program
Implements strong access control measures
Regularly monitors and tests networks
Maintains an information security policy

Our recommendation to ensure PCI compliance easily and effectively is to leverage our JavaScript library, DigitalRiver.js, to secure your customers’ data in a compliant manner while maintaining control over the shopping experience. Most of our clients can then easily complete a PCI Self-Assessment Questionnaire (SAQ) maintained by the PCI Security Standards Council.

Applicable documents

Document
PCI DSS Service Provider AOC report
PCI DSS Merchant AOC Report

Confidentiality Notice and Terms

The confidential information of Digital River, Inc. and its affiliates (“DR”) available at help.digitalriver.com/compliance (“DR Confidential Information”) is subject to the terms of the applicable agreement between you and DR. If you are not a party to an agreement with confidentiality provisions applicable to the DR Confidential Information, the terms set forth in the following paragraph are the confidentiality provisions applicable to your access to, and use of, the DR Confidential Information. Examples of agreements with confidentiality provisions applicable to the DR Confidential Information can be found on the Legal page of the Digital River support website.

These terms constitute a legally binding agreement between you and Digital River, Inc. (“DR”). Please read them carefully. By accessing or viewing the confidential information of Digital River, Inc. and its affiliates available at help.digitalriver.com/compliance (“DR Confidential Information”), you agree to these terms on your behalf or on behalf of the entity with which you are employed, affiliated or associated. You represent that you have the authority to bind the entity to these terms. If you do not have such authority or are not willing to be bound by these terms, do not view or access the DR Confidential Information. By accessing or viewing the DR Confidential Information you acknowledge and agree that these files are the confidential information and trade secrets of Digital River, Inc. and its affiliates. You will use the same degree of care that you use to protect the confidentiality and trade secret status of the DR Confidential Information as you do to protect your own confidential information of like kind (but not less than reasonable care) and you will not use the DR Confidential Information for any purpose other than to use the services of DR or evaluate the purchase of DR’s solutions. Except as otherwise authorized by DR in writing, you will to limit access to the DR Confidential Information to those who need that access for these purposes and who have executed confidentiality agreements with you containing protections no less stringent than those in these terms. You will not disclose DR Confidential Information to any third party other than your affiliates, legal counsel and accountants without DR’s prior written consent and you will remain responsible for your affiliate’s, legal counsel’s or accountant’s compliance with this paragraph. You may disclose the DR Confidential Information to the extent compelled by law to do so, provided you give DR prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at DR’s cost, if DR wishes to contest the disclosure. These terms do not apply to any information that: (i) is or becomes generally known to the public without breach of any obligation owed to DR, (ii) was known to you prior to its disclosure by DR without breach of any obligation owed to DR, (iii) is received from a third party without breach of any obligation owed to DR, or (iv) was independently developed by you.

I have read, understood, and agree with the Confidentiality Notice and Confidentiality Terms

Click here to be taken to the Compliance documents in the Digital River Knowledge Portal.

If you don’t have access, contact your sales representative or Digital River contact to set up access to the Knowledge Portal.

Confidentiality Notice and Terms

I have read, understood, and agree with the Confidentiality Notice and Confidentiality Terms

Click here to be taken to the Compliance documents in the Digital River Knowledge Portal.

If you don’t have access, contact your sales representative or Digital River contact to set up access to the Knowledge Portal.

Payments

Tax & Compliance

Fraud

Global Logistics

Sell Physical Products

Sell Digital Products

Optimize B2B Sales

All Partners

SI / Agency Partners

Become a Partner

Partner Documentation

Digital River API

API Reference

Set up a Sandbox

Documentation

Toolkit

Payment Method Guide

Country Guide

Blogs

Client Stories

Podcasts

Videos

Webinars

About us

Diversity and Inclusion

Careers

Client Stories

News & Events

Shopper Support

Solution Center

PCI DSS

Applicable documents

Sign In

Digital River Dashboard

Solution Center

My Commerce

PCI DSS

Applicable documents