PCI Compliance

Is Fast PCI DSS Compliant?

Fast was successfully assessed as a Payment Card Industry (PCI) Data Security Standard (DSS) Level 1 service provider. Level 1 is the highest level of assurance a service provider can receive. Fast is committed to annual reassessments to maintain this level of PCI compliance for its products and services.

What does PCI DSS Level 1 mean?

PCI DSS Level 1 is the highest level of certification one organization can obtain. To obtain its certification, Fast completed a formal external audit and obtained a Report on Compliance (RoC) and Attestation of Compliance (AoC).

How does this help Fast’s customers and partners?

If you are using Fast’s products and services, Fast is responsible for PCI compliance. We are committed to ongoing compliance with PCI DSS and as well as having effective security controls to protect buyers, sellers and partners.

Who decides the process and controls that are required to be PCI DSS compliant?

PCI Security Standards Council ("PCI SSC" or "PCI Council"). In 2006, the five major payment brands (Visa, MasterCard, American Express, Discover, and JCB) came together to create a single set of payment security standards and created an independent standards body to manage them called the Payment Card Industry Security Standards Council.

Why does a merchant need to be PCI compliant?

When you capture, store, and process payment card information, you must be PCI compliant. When you use Fast products, you can rest assured that Fast is handling and processing card information securely as mandated by PCI DSS.

What security controls are in place to ensure card data is secure?

Fast has deployed a defense in depth security strategy to ensure ongoing compliance with PCI DSS. Fast has deployed a Web Application Firewall (WAF) to protect against DDoS attacks and Layer 7 application level attacks. Fast uses a Network Intrusion Detection System (NIDS) that uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats by monitoring logs. Fast has deployed Cloud Security Posture Management (CSPM) and Vulnerability Management tools for identifying vulnerabilities, malware, misconfigurations in Fast’s production environment. Apart from deploying least privilege access controls, Fast uses encryption in transit via robust cryptographic protocols and encrypts sensitive data at rest.