Security and Fraud
Payfast is committed to keeping you, your customers and all sensitive information secure.
We take the data security of our merchants and their buyers very seriously
We have a multitude of automated and manual checks in place to protect both buyers and sellers from fraudulent transactions. Online retail has a fraud rate between 1 and 2% of all transactions. Through effective controls, Payfast’s is currently below 0.1% and still going down.
How we keep your business secure
Our security protocols are as, if not more, robust than South African banks.
PCI-DSS Level 1 Compliant
All your customers’ credit card payments are done in our secure environment.
Our website, payments page and help site are hosted on secure servers, safeguarding against phishing attacks.
This extra layer of security is used for all online transactions using a credit card.
3D Secure 2
An improved mobile-first level of authentication for online transactions using a credit card.
GEO IP Tracking
By monitoring where transactions originate from we can look for mismatches with the card’s issuing country.
Checks the card-issuing bank locations and merchants can choose to enable/disable payments from certain countries.
Extended Validation SSL
We use Extended Validation SSL with 2048-bit encryption, the highest level encryption available.
ASV Scans on a weekly basis
We run weekly network scans to look for new possible vulnerabilities and certify quarterly.
This extra layer of security is available to restrict access to your Payfast account.
Payments and card details are automatically checked against large online databases of blacklisted details.
Web application firewall
Payfast utilises WAF technologies to detect and stop malicious activity before it reaches our servers.
All suspicious transactions are manually reviewed by our support team.