Skyflow Announces World’s First Level 1 PCI-Compliant Data Vault

Skyflow Delivers Zero Trust Data Privacy Vaults via a Modern API, Ensuring Privacy, Security, and Compliance

Skyflow today announced the general availability of its PCI Level 1 Data Privacy Vault, making its API-based solution the only one of its kind ready for high-volume credit card transactions. From day one, Skyflow has helped customers protect personally identifiable information (PII) and meet stringent compliance regulations globally, including PCI, HIPAA, GDPR, and others. Skyflow’s new designation as a Level 1 Service Provider comes on the heels of achieving SOC 2 Type 1 compliance last July.

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards created by the credit card industry to protect payment systems from data breaches. Businesses that process more than 6 million transactions annually or are otherwise deemed high risk are required to meet the higher PCI Level 1 requirements, and may only work with service providers who have met all twelve requirements and the more than 100 sub-requirements to reach Level 1 Service Provider Status. Skyflow’s achievement of Level 1 compliance makes its unique data privacy vault a simple means for even the largest scale businesses to meet their PCI requirements while also solving for more difficult data privacy problems such as PII data security, data residency, secure data sharing, and GDPR compliance.

"We are very proud to receive our PCI Level 1 certification, the highest level of assurance a service provider can receive,” said Daniel Wong, Director of Security and Compliance, Skyflow. “This certification followed the achievement of SOC 2 Type 1 just a few months ago, and it further validates our commitment to privacy and security. Customers can rest assured that Skyflow has the rigorous controls and processes to protect their sensitive customer data."

What if privacy had an API?

Skyflow is the first zero-trust data privacy vault. Delivered via a simple API, it can be deployed quickly and provides a complete, customizable solution for:

• Compliance
• Data Security, Governance, and Residency
• Secure Data Sharing and Analytics
• Encryption/Tokenization

For fintech companies, Skyflow’s Data Privacy Vault supports modern financial use cases, including money movement, card issuance, card acceptance, customer onboarding, and customer data management. Skyflow is designed for flexible data residency, and is available to customers globally.

Accelerate compliance with a single solution

Conducting a PCI DSS assessment can be a heavy administrative burden for companies that process cardholder data. Companies of all sizes can now use Skyflow’s Data Privacy Vault to:

• Reduce their PCI DSS scope and easily achieve PCI certification for their applications.
• Save time and resources on compliance certification.
• Focus on building their core product versus worrying about PCI data processing and storage needs.

Skyflow worked with an industry-leading consultancy on the Level 1 PCI DSS certification process to help validate its controls and processes maturity. According to Jung Kim, founder of MediRisk, a risk management consultancy, “Working with Skyflow has been such a pleasant experience. Of all the companies I have helped or assessed, Skyflow stands out for their commitment to security and privacy from top to bottom. When so many companies are busy checking the compliance boxes, Skyflow is always eager to ask, ‘how can we get better?’”

View source version on Business Wire.