Tokenization with Vault-Managed Encryption

How Vault-Managed encryption works

The AuricVault®  service provides all your encryption and key management requirements. The AuricVault® service provides PCI compliant vault-managed encryption with tokenized data storage and manages the encryption keys, the AES-256 encryption, and PCI Compliant encryption key rotation. The AuricVault®  service key management services are located within a PCI Compliant hosting facility separate from the encryption servers and the key services. The encryption services are widely separated geographically.

The AuricVault® tokenization and storage service offers implementation flexibility. Direct connectivity allows both modern servers and legacy systems to integrate with the AuricVault® service. The integration method is a simple HTTPS POST call using JSON-RPC. Almost any programming language from the last 15 years can easily integrate with the service. Vault-managed encryption performs all encryption/decryption and key management tasks within the AuricVault® service.  Plain text (unencrypted) data is sent to the AuricVault® service.

Vault-Managed encryption – API calls:

  • encrypt
  • decrypt
  • reencrypt
  • session_encrypt
  • session_decrypt
  • delete_token
  • token_info
  • touch_token
  • get_session

Benefits and Features

  • AuricVault®API
  • Flexible web-service interface
  • Credit card account numbers separated from personally identifiable information (Protecting card holder data)
  • Staging Sandbox
  • Automatic disposal of unused tokens
  • Encryption key management
  • PCI compliant encryption key rotation
  • Simple integration into existing business process
  • PCI compliant off-site data storage
  • Popular with
    1. Merchants Reducing PCI Exposure
    2. Banks
    3. Call Centers
    4. Mobile Application Developers
    5. PCI Compliant Organizations
    6. eCommerce

Share This
Check out! anyone