PCI-Compliant Caching and Delivery

We have designed Fastly's core CDN service with Payment Card Industry Data Security Standard (PCI DSS) compliance in mind. With proper authorization on your account, you can use Fastly's beresp.pci VCL variable to automatically cache content in a manner that satisfies PCI DSS requirements.

Adding the beresp.pci variable to an object prevents writing of that object to non-volatile disk storage on the edge. Combined with frontend and backend TLS, this feature allows you to cache and transmit flagged content through the Fastly network in compliance with our PCI certification.

Contact sales-ecommerce@fastly.com for more information on how to enable this product for your account.


If you have purchased Fastly’s PCI-compliant caching or HIPAA-compliant caching products Fastly will enforce a minimum version of TLS 1.2 or higher for all connections to meet the compliance requirements mandated by the PCI Security Standards Council.


Fastly's security and technology compliance program includes safeguards for the entire Fastly CDN Service, independent of using the beresp.pci variable. The Fastly security program and technology compliance content provide more information about these safeguards.

Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.