menu
Start now for free
Lang ع

Security

Built securely from the ground up

We use a wide range of technologies to ensure high levels of security throughout
the whole site.

security 01
security 02
  • All communications are secured using strong encryption.
  • Cross Site Request Forgery (CSRF) Protection
  • Advanced DDoS Attack Protection
  • Encryption of sensitive data and communication
  • PCI DSS compliant
  • Fully GDPR compliant
security 03

Fatora is the safest financial option in Qatar because we:

  1. Adhere to international standards: We strive to apply international standards professionally and have many quality certificates in the application of these standards.
  2. We have secure and reliable Internet servers that guarantee the protection of customer information.
  3. Secure 256 bit Gateway Encryption Certificate: Application of the PCI DSS standard to control the data of credit card holders and reduce fraud.

And ensures the security and protection of user information, it is :

    1. Affective technique in the preservation of transactions: uses a secure technology in maintaining the transactions of customers from the beginning to completion.
    2. Guaranteeing rights in disputes: The application deposits your money into your account until the problem is resolved between you and the customer.
    3. Confidentiality of your information: Full confidentiality of your account information and credit cards.
    4. our customer information is 100% secure we are using 256 bit SSL encryption data connection between the platform and payment gateway
    5. We process payments only we don’t store customers bank cards
    6. We don’t have any access to customer card information
    7. Fatora is using banks payment gateway which is approved by Qatar Central Bank

Cybersecurity and Operational Assessment for Payment Gateway

We employ HTTPS with TLS 1.3 for secure communication between the payment gateway and  platforms, ensuring data integrity and confidentiality.

Yes, we adhere to PCI-DSS standards, ensuring secure handling of cardholder data during processing, storage, and transmission

Yes, all transactions are encrypted using TLS 1.3 in transit and AES-256 encryption for data at rest

TLS 1.3 for in-transit encryption and AES-256 for encrypting sensitive data at rest. 

Sensitive card details are never stored on our servers. Instead, tokenization is used. 

Yes we  implement tokenization to replace sensitive card details with unique tokens and use data masking for displaying only partial customer data where necessary.

We use fraud detection systems, including behavioral analysis, anomaly detection, and integration with fraud prevention tools such as 3D secure.

24/7 monitoring with automated alert systems and Real-time logging tools to detect anomalies.

  • Immediate notification to the merchant.
  • Submission of relevant transaction data for dispute resolution.
  • Coordination with acquiring banks for efficient handling.

We apply critical updates immediately and perform monthly routine updates.

Yes, we have a disaster recovery plan with backup systems and failover mechanisms to minimize downtime.

The RTO for outages is typically under 1 hour, depending on the nature of the issue.

  • Frequent security scans and manual penetration testing are performed regularly .
  • Following OWASP best practices and tests integrations for common vulnerabilities such as SQL injection, CSRF, and XSS, and others.
cta-07