We recognize that by being supplier of security and authentication software,
our clients puts a level of thrust into our hands. To live up to these
requirements all SW-development and testing aims at securing the highest
WEB-application security standards.

We recognize and accept the leading international WEB-application security
standards formulated by multiple organizations:

· PCI/DSS

· OWASP

· SANS cyber

The latest version of FastPass 3.5 has been tested against the tough
requirements from all three standards by Indusface Ptv.Ltd. Indusface is an
authorized scanning vendor and is used by more than 700 large companies and
SW-developers world-wide to assure that WEB-applications are safe for users and
organizations.

The scanning of FastPass included more than 5000 different types of attacks
against the FastPass Cloud configuration. Indusface has now certified that
FastPass passes all requirements. For more details please see
http://www.fastpasscorp.com/password-reset/web-security-level-very-high!.aspx

The conclusion after all the tests is:

The application FastPass Password Manager v. 3.5.2 is free from any severe
vulnerability threat and safe to carry out transaction. The Web Client and the
Mobile Client for the FastPass system was found to be very secure as no
vulnerabilities were uncovered in this security audit. The environment is
tested against OWASP and SANS guidelines and the application was found safe
against them. The tested environment passes the PCI scan requirements.
Vulnerabilities with a risk level of medium (CVSS level 4.0) or higher were NOT
discovered. The overall security level is noted as Very High

FastPassCorp is committed to continued emphasis on the highest security
standards for the development of all our enterprise password self service
SW-products and Cloud services for our customers.

CEO Finn Jensen +4524811279 [email protected]

Press release January 31.th 2016 WEB security certification.pdf