Shopping Security

FaStart prioritizes the security of both sellers and buyers. This page explains FaStart's platform security approach, the separation of responsibilities for payment security, and recommendations for safe shopping.

The following security measures are provided directly by FaStart:

• SSL/TLS encryption for secure data transmission on all platform pages
• Encryption of data stored in databases (encryption at rest)
• Secure authentication: password hashing, session management and secure cookie policies
• Regular security updates and vulnerability scans
• Personal data handling and storage procedures compliant with KVKK (Law No. 6698)
• Access authorization and role-based control mechanisms

Payments on FaStart are processed through the Seller's own POS provider (iyzico, Stripe, etc.). The separation of responsibilities for payment security is clearly stated below:

• Payment processing: Handled by the Seller's POS provider; FaStart does not act as an intermediary in the payment flow
• PCI DSS compliance: The responsibility of the POS provider
• 3D Secure verification: Managed by the POS provider and the card-issuing bank
• Card data: Stored by the POS provider; NOT stored by FaStart
• FaStart does not store, process, or have access to buyer credit card numbers

3D Secure is a protocol that provides an additional layer of security for online credit card transactions by verifying the cardholder's identity. This feature is provided by the Seller's POS provider and the card-issuing bank.

How Does 3D Secure Work?

1. Initiate Payment: The buyer enters their credit card details and initiates the payment on the Seller's store.
2. POS Provider Redirect: The payment request is processed by the Seller's connected POS provider.
3. Bank Authentication: The POS provider redirects to the card-issuing bank's 3D Secure page.
4. Identity Verification: The buyer verifies their identity via SMS code, mobile app approval or password.
5. Transaction Complete: Once verification succeeds, the payment is approved and the buyer is redirected back to the store.

Note: 3D Secure support is a feature provided by the Seller's POS provider and the card-issuing bank. FaStart does not directly manage this process.

• Use a strong, unique password and change it regularly
• Do not share your account credentials or login information with others
• Report suspicious account activity immediately to support@fastart.co
• Always log out of your session on shared devices
• Be cautious of suspicious emails claiming to be from FaStart; FaStart will never ask for your password via email

• Use strong authentication for seller admin panel access
• Keep your API keys confidential; do not share them in source code or public environments
• Store your POS integration credentials (API keys, secret keys) securely and protect them from unauthorized access
• Regularly review access logs in the seller dashboard
• Restrict panel access for unauthorized team members

• Check for the 'https://' protocol and the lock icon in your browser's address bar before shopping
• Avoid shopping on public or unsecured WiFi networks
• Regularly review your account activity and order history
• Never share your personal information or passwords with anyone
• Use strong, unique passwords; do not reuse the same password across different sites
• Review your bank statements regularly and report unrecognized transactions to your bank

If you discover a security vulnerability, data breach or suspicious activity on the FaStart platform, please report it immediately to support@fastart.co. Your report will be reviewed by our security team as soon as possible.

This Shopping Security notice took effect on 23/02/2026.