Secure Payment


  • PayFast is committed to keeping you, your customers and all sensitive information secure. We have a multitude of automated and manual checks in place to protect both buyers and sellers from fraudulent transactions. 
  • PCI-DSS Level 1 Compliant
  • We use Extended Validation SSL with 256-bit encryption. Only two of the four major South African banks use this –the highest– level of encryption currently available.
  • All sensitive info is encrypted within our own database.
  • We run penetration testing on our system on a weekly basis to look for vulnerabilities. We are only required to do it once every three months, but we run it every week.
  • Our entire site, blog, payments page and help site all are served off secure servers, making it harder to perpetrate phishing attacks.
  • 3D Secure is in place for all credit card transactions.
  • Two-factor authentication is available to restrict access to your PayFast account.
  • We use GEO IP tracking to see where transactions are originating from and look for mismatches between this and the card’s issuing country.
  • Our system automatically checks for suspicious payment velocity.
  • We use BIN/IIN validation to check for card-issuing bank locations and merchants can choose to enable/disable payments from certain countries.
  • Payments and card details are automatically checked against large online databases of blacklisted details.
  • All suspicious transactions are manually reviewed by our stellar Support Team.