PAYFAST: We take the data security of our merchants and their buyers very seriously

We have a multitude of automated and manual checks in place to protect both buyers and sellers from fraudulent transactions. Online retail has a fraud rate between 1 and 2% of all transactions. Through effective controls, PayFast’s is currently below 0.1% and still going down.

How we keep your business secure

Our security protocols are as, if not more, robust than South African banks.

red tick

PCI-DSS Level 1 Compliant

All your customers’ credit card payments are done in our secure environment.

red tick

Secure servers

Our website, payments page and help site are hosted on secure servers, safeguarding against phishing attacks.

red tick

3D Secure

This extra layer of security is used for all online transactions using a credit card.

red tick

GEO IP Tracking

By monitoring where transactions originate from we can look for mismatches with the card’s issuing country.

red tick

BIN/IIN Validation

Checks the card-issuing bank locations and merchants can choose to enable/disable payments from certain countries.

red tick

Fraud Reviews

All suspicious transactions are manually reviewed by our support team.

red tick

Extended Validation SSL

We use Extended Validation SSL with 2048-bit encryption, the highest level encryption available.

red tick

ASV Scans on a weekly basis

We run weekly network scans to look for new possible vulnerabilities and certify quarterly.

red tick

Two-factor authentication

This extra layer of security is available to restrict access to your PayFast account.

red tick

Validation checks

Payments and card details are automatically checked against large online databases of blacklisted details.

red tick

Web application firewall

PayFast utilises WAF technologies to detect and stop malicious activity before it reaches our servers.

red tick

Web application firewall

PayFast utilises WAF technologies to detect and stop malicious activity before it reaches our servers.