The payment gateway stores and transmits information securely over the Internet; the source key is the code that allows communication between the shopping cart and merchant account. The default settings are recommendations for your protection but are no guarantee against chargeback or fraud liability; each merchant is responsible for monitoring transaction activity. Your gateway contains the source key(s) for your processing environments as well as cardholder data. Allowing access to users outside of your company renders your business vulnerable to unauthorized activity and potential security breaches. For your protection, limit master access to the account holder and restrict permissions for added users.