---
header: PCI-Compliant Caching and Delivery
lang: en
last_updated: '2018-08-01'
url: https://docs.fastly.com/products/pci-compliant-caching-and-delivery
---

We have designed Fastly's core CDN service with Payment Card Industry Data Security Standard (PCI DSS) compliance in mind. With proper authorization on your account, you can use Fastly's [`beresp.pci`](https://www.fastly.com/documentation/reference/vcl/variables/backend-response/beresp-pci/) VCL variable to automatically cache content in a manner that satisfies PCI DSS requirements.

Adding the `beresp.pci` variable to an object prevents writing of that object to non-volatile disk storage on the edge. Combined with [frontend](https://docs.fastly.com/products/tls-service-options) and [backend TLS](https://www.fastly.com/documentation/guides/getting-started/hosts/working-with-hosts), this feature allows you to cache and transmit flagged content through the Fastly network in compliance with our PCI certification.

Contact [sales-ecommerce@fastly.com](mailto:sales-ecommerce@fastly.com) for more information on how to enable this product for your account.

> **IMPORTANT:** If you have purchased Fastly’s PCI-compliant caching or [HIPAA-compliant caching](https://docs.fastly.com/products/hipaa-compliant-caching-and-delivery) products Fastly will enforce a minimum version of TLS 1.2 or higher for all connections to meet the compliance requirements mandated by the [PCI Security Standards Council](https://www.pcisecuritystandards.org/).

> **NOTE:** Fastly's security and technology compliance program includes safeguards for the entire Fastly CDN Service, independent of using the `beresp.pci` variable. The Fastly [security program](https://docs.fastly.com/products/security-program) and [technology compliance](https://www.fastly.com/trust/faq) content provide more information about these safeguards.