Data Security Program

Protect your customers' credit card information, and protect your business.

All merchants who accept credit cards are required to meet certain security standards to protect customer credit card information; this is called the Payment Card Industry (PCI) Data Security Standard. Major credit card associations in the United States including Visa®, MasterCard®, Discover® and American Express® created and endorse the PCI data security standard.

Commerce can help you achieve compliance by securing your website and your customer information with the Commerce Bank Data Security Program.

What are the data security requirements? Learn more about PCI security requirements

Data Security Information

As a reminder that the personal computer operating systems Windows XP was removed from Microsoft's list of supported operating systems on April 8, 2014. Announced in 2007, this end of support means Microsoft will no longer release any XP software updates, automatic fixes or service packs.

Windows XP is a highly vulnerable platform, whereas Windows 7 and 8 are modern operating systems with more sophisticated security features built in, making them less of a target to hackers. Anyone using Windows XP, whether it is for personal computing or business operations, should consider upgrading to a newer and more secure operating system.

Merchants currently using a POS system on Windows XP present a serious threat to their overall security and their Payment Card Industry Data Security Standard (PCI DSS) compliance. Merchants choosing to continue to run XP after support ends will have functioning computers and POS systems, but become vulnerable to security risks such as viruses and malware.

Safeguarding your business from a data security breach has never been more important. The following links contain more information regarding the recent OpenSSL 'Heartbleed' vulnerability and the Microsoft Internet Explorer vulnerability.

Commerce Bank Data Security Program

Recently, you may have heard about security breaches affecting merchants, which have gained attention in the news media. These incidents were not exclusive to large merchants or e-commerce merchants. In fact, many of these incidents occurred at merchants with small dollar volumes and few or no e-commerce transactions.

The Commerce Bank Data Security Program can help you comply with the PCI Data Security Standard and will:

  • Safeguard the credit cardholder information that you process and/or transmit from attackers and other online hazards.
  • Protect you and your customers from theft and fraud

As a Commerce Bank merchant, this program is available to you for a nominal fee and enrollment is fast and easy.

Trustwave TrustKeeper<sup>&reg;</sup> compliance portal

The Commerce Bank Data Security Program utilizes TrustWave's TrustKeeper® compliance portal -
the tool you need to comply with PCI.

TrustWave is the leading third party assessor, www.trustwave.com and an authorized QSA for both VISA® and MasterCard®.

Commerce Bank strongly endorses the need for more stringent standards regarding the handling of cardholder data. In addition, we are taking proactive measures to ensure that all merchants adopt these standards and maintain compliance on an on-going basis. Your compliance with the PCI Data Security Standard is mandatory.

More Information

If you need assistance with TrustKeeper, or require more information on enrollment, please contact Commerce Bank Merchant Support at 800-828-1629

Important Disclaimers:

  • To send an email that contains confidential information, please visit the Secure Message Center where there are additional instructions about whether to use Secure Email or Online Banking messaging.