April 21, 2021
Secure Fintech Built Faster: Introducing Skyflow Payments Vault
Today, we’re excited to launch the Skyflow Payments Data Privacy Vault, a new product designed to help fintech companies quickly build and bring to market, privacy-first fintech applications.
The Payments Vault delivers zero trust data governance, polymorphic encryption, tokenization, and data loss prevention through a simple to use, developer-friendly API. It’s available today; if you are a fintech building anything that handles sensitive financial or personal data, sign up to see a demo and to learn more.
The core of the Payments Vault is the data privacy and security feature set, which you can use to safely store and protect your sensitive data, and which can be deployed in as little as a day. Equally important for time to market are the pre-built integrations to key parts of the fintech ecosystem -- KYC providers, card issuers, credit agencies, payment processors, and more--which save time otherwise spent on bespoke integrations.
“Skyflow is helping us ship new products faster by giving us a clean simple API for all our PII data security and privacy needs," said Kalpesh Kapadia, CEO and co-founder of Deserve. “When you first hear about Skyflow's approach, it sounds somewhat magical. But they have taken the idea of data vaults to a whole new level. We believe that this zero-trust data privacy vault approach is unique, and how it should have always been."
More Than Tokenization and Compliance
For most fintech companies, tokenization and compliance are table stakes. There are many solutions that provide black box tokenization systems that claim to reduce your PCI compliance burden. The challenge with these solutions is that they are typically point solutions that address a single use-case but fail to provide an end-to-end solution that can effectively manage data governance, data privacy, and data security in one. As a result, companies are forced to rely on a patchwork of difficult-to-integrate data security and compliance products, each designed to solve one part of the data privacy problem.
At Skyflow, we’ve built the Payments Vault to enable fintech companies to specifically solve this problem with a single solution that combines best-in-breed data governance, data privacy, and data security. The goal is that fintech companies can leverage a single solution to securely collect sensitive data, isolate it within a Zero Trust data vault, and define granular access policies that determine how the data should be shared and in what form. This approach greatly reduces the development process for developers while providing maximum flexibility.
Powerful APIs, Completely Open and Unlimited
Unlike other solutions that limit the number of API calls or charge on a per API call basis, we’ve decided to make our APIs unlimited and completely open to developers. The reason for this is simple. We believe that companies and developers should not have to architect their applications and data layer in such a way that trades off performance and security for cost minimization. Fintech applications are complex enough to build and maintain, developers don’t need an extra layer of complexity where they have to manage the amount of API calls in order to reduce their cost basis. Taking this one step further, the Payments Vault supports a full customer profile schema and can be used to store customer PII data in addition to sensitive financial data. This enables you to use the Payments Vault as a master sensitive customer data store.
Zero Trust Data Governance Delivered Through an API
At the heart of the Skyflow Payments Data Privacy Vault is a robust data governance engine that enables you to write granular data access policies that define how services and users can access sensitive data. These data access policies are evaluated on every API call to the vault and are logged in the Skyflow Auditing and Logging module. This continuous evaluation provides you with an unprecedented level of observability. Developers can even export the logs and import them into their favorite log management solution.
Pre-built Secure Lambda Functions
Fintech companies are increasingly becoming more reliant on the greater fintech ecosystem to provide core functionality such as KYC, transaction processing, card issuance ,and more. With pre-built, secure lambda functions that are integrated directly to the vault, fintech companies can execute their customer on-boarding or issuing workflows without having to directly process any sensitive data on their servers. This approach dramatically reduces the exposure of PII to internal services and systems which helps to keep sensitive data secure while accelerating developer productivity.
“When I started building my new fintech startup after decades of experience at the biggest banks, my team and I found many tokenization solutions in the market but Skyflow was the only one that met our needs to go beyond payment data and cover PII information too,” said Ben Soppitt, CEO and founder of Unifimoney. “We also needed a customer identity data store that could connect with the leading KYC and ID verification vendors, and Skyflow’s secure lambda functions made these integrations easy.”
We currently have pre-built integrations with the larger fintech ecosystem – including Plaid, Stripe, PayPal, Alloy, Persona, i2C; Visa, Mastercard, and American Express; Experian, Equifax, and Transunion; and many more.