AuricVault® Service

The problem the AuricVault® Service solves: Protecting sensitive data 

Try the evaluation kit, reduce your data security concerns in minutes!

avlogo200x66

The AuricVault®service is a PCI and HIPAA compliant data storage service that associates tokens with secure encrypted data.

2 Easy Steps to Implementation

Go to Step 1

"

 

 

 

 Overview

Tokenization is a proven way to secure and protect information, like credit cards, social security numbers, and passwords. A tokenization service encrypts the data it receives and then stores the encrypted data along with a random set of characters (the token). The service returns the token to you, so the token can be stored in place of the sensitive information in your business environment. The token has no value to any criminal who might access it in your environment.

The AuricVault®tokenization service is accessed through the AuricVault®Application Program Interface (API). If you do not have in-house web developers, Auric Systems International can provide custom development services, or contact information of software development firms familiar with the AuricVault®tokenization service. Check the box indicating development services are needed during step 1 sign up to get an evaluation kit.

“ Even when physical security is breached, firewalls are penetrated, tripwires are evaded and software-based security is circumvented, the combination of tokenization and cryptography provides a robust defense that can provide last-ditch salvation.”
– IBM Systems Magazine ©2014 MSP Communications, Inc.

Customer Feedback on  getting the 1st token back once the evaluation kit is received : As little as 15 minutes!

The AuricVault®service is PCI and HIPAA compliant data storage that associates tokens with secure encrypted data. Any Personally Identifiable Information can also be secured this way. 

The encrypted data can be:

  • Stored
  • Retrieved
  • Updated
  • Deleted.

A permissions system provides complete and secure controlled sharing of any sensitive information with third parties while tracking access to the data by user and date/time.

Retention policies allow automatic aging-out of data when it is no longer being accessed.

The AuricVault® service is an ideal storage solution for any sort of sensitive data.

  • Financial Data
  • Identification Data
  • Access Data

Learn More:

 

 

 

 

 

 

 

 

 

 

 

 

 

Features

  • Free Evaluation Kit – No time limits to complete an evaluation
  • Yes – we offer options for returning the tokenized data back
  • Implementation – JSON-RPV API. Sample Code, Staging & Production Credentials
  • 7 X 24 X 365 production support
  • Encryption Management- the service supports Service Managed or Locally-Managed
  • Conversion Between Encryption Methods 
  • Data Set Segmentation – Segment access to different types of data
  • Session Management – Browser­Side Tokenization
  • Multiple Integration Methods – Direct Browser-Side  JavaScript (with NoFault Tokenization™) and IFrame, 
  • Retention Policy – The Right Policy for the Data
  • Definable Permissions 
  • Payment Processor Independent Tokenization
  • Payment Processing with The AuricVault® service
  • Unified Payments API
  • Token swap (obtain payment processor native tokens)
  • PCI Compliance footprint can be reduced with use of the service

Business Features and Benefits

  • Clearly defined tokenization process
  • Credit card tokenization and de-tokenization occur within a secure, robust monitoring environment
  • Hosted in geographically distributed PCI compliant hosting facilities
  • Multiple Flexible Implementation approaches available
  • Browser-Side Tokenization
  • iFrame Tokenization technology with sandbox to production staging
  • Custom implementations
  • Geographically distributed PCI Compliant hosting facilities
  • Transparent, automatic data replication
  • Affordable
  • Payment Processor independent
  • Leading Payment Processing  gateway’s acceptable through the service
  • Environment is secure as well as being PCI and HIPAA compliant
  • Get started today with our free trial
  • Free Implementation Support

Development Features and Benefits

  • Developer friendly
  • Security centric service
  • JSON-RPC APIs, documentation, and sandbox credentials, staging and production credentials
  • Core development language samples offered
  • Most developers successfully use the Sandbox less than a 1/2 hour after receiving evaluation kit
  • Easy to read and internet accessible API documentation
  • Code samples in popular languages
  • Developer supported

 

 

 

 

 

Details

Tokenization & Data Storage Service for PCI and HIPAA Compliance

While tokenization is a term commonly associated with credit card storage and security, it is not yet as popular in the HIPAA (Health Insurance Portability and Accountability Act) compliance arena. However, considering the vast number of recent healthcare breaches, its time has come. Protecting HIPAA data is actually more complicated than with PCI data. Whereas with PCI the only data that needs to be protected is the actual credit card number, HIPAA information includes many more variables such as:

  • Names
  • Addresses
  • License/certificate numbers
  • Vehicle identifiers & serial numbers
  • Birth dates
  • Social Security Numbers
  • Policy Numbers
  • Tax IDs

Multiple parties often have access to this data, however, there may be different levels of access required for each. With tokenization, sensitive data can be stored separately, and retrieved by different levels of access. This way, individuals are only able to retrieve certain types of data.

Personally Identifiable Information (PII), such as birth information, social security numbers, financial records, security clearance, can also be protected, allowing organizations to improve security of personnel and/or client information.

Why The AuricVault® Tokenization Service?

Tokenization is the most effective way of minimizing your PCI compliance footprint.

The AuricVault®service interoperates with many different applications, programming languages, and processing services. It makes tokenized credit card storage affordable, even when your business needs a custom solution.

No matter where your business takes you, the AuricVault® service is ready to provide maximum security for your sensitive cardholder data. Test it for free with our Sandbox and move on to production fast. The AuricVault® service will rapidly solve and/or reduce your PCI footprint and costs.

High Availability

The AuricVault® service is deployed in both the eastern and western US. Data is replicated within each facility and between both facilities in near real-time (typically within a few seconds).

 

  Approaches

Implement the AuricVault® API in the following ways:

Implementation Assistance by Auric

Auric Systems International is a Level 1 PCI DSS Validated Service Provider, with deep roots in software development. We’re skilled in PCI business process design and implementation. We listen to your needs and answer your questions personally and in clear language. We learn your business requirements and practices and design a plan suited to your budget and goals. It is our job to use best-of-breed security with industry-proven techniques and technologies to deliver the results you want.

Implementation Assistance by AuricVault Developer Network

 

 

 

 

 Differentiators

  • Yes – we offer options for returning the tokenized data back!
  • Free Evaluation Kit – 90 Day Evaluation
  • Affordability – Starting at $300.00 per year for 2500 Tokens stored
  • Vault-Managed Encryption
  • Locally-Managed Encryption
  • Converting Between Encryption Methods
  • Data Set Segmentation
  • Session Management
  • Retention Policy
  • Permission Access Management
  • Integration Flexibility
  • Custom Embedded iframe with Sandbox staging to production
  • Payment processor independent tokenization
  • Support for Leading Payment processor gateway’s
  • Custom Bulk Tokenization Services
  • Data-set Tokenization Flexibility
  • White Label AuricVault® Service

 

 

 

 

 

 

 

 

 

  PCI Compliance

Auric is a Level 1 PCI DSS Validated Service Provider.
The AuricVault®  tokenization & storage service can reduce your PCI footprint. Of the 12 main and 250 sub PCI DSS 3.2 requirements Auric Systems International takes responsibility for 255 of them. The remaining 7 have “shared” responsibilities when the AuricVault®  tokenization & storage service is utilized for protecting sensitive data in a PCI compliant manner.

PCI related Links:

  • See us on page 13 of the Visa Validated Provider lists Here.
  • PCI Attestation of Compliance (AoC) 2016  Here
  • AuricVault PCI DSS 3.2 Responsibility Matrix Here

PCI Compliance Benefits and Features

  • Credit card storage – Off-site storage of tokenized credit card info
  • Off-site, long-term credit card storage for encrypted data
  • Tokenized credit card account numbers are separate from personally identifiable information
  • Auric Systems International is a Level 1 PCI DSS Validated Service Provider
  • Compliance with Visa’s Payment Application DSS (PA DSS) for PCI environments
  • PCI compliant solution – simpler, easier PCI auditing
  • PCI Compliant Tokenized Data Storage
  • PCI Self Assessment Questionnaire (SAQ) requirements can be reduced
  • Data retrieval requires Unique Tracking ID
  • Communication with server via secure tunnels (optional)
  • Audit Trails
  • Merchant PCI footprint reduced with tokenization
  • Automatic aging of stored values

 

 

 

 

 

Payments Passthrough

The AuricVault® service payments passthrough option make it easy for a business to tokenize credit cards, reduce PCI Compliance requirements and make payments to leading payment processors. The token can be used in place of the credit card in a business environment and when needed be sent to a supported payment processor through the AuricVault™ service. This is useful for recurring transactions and when communicating transactions to  multiple payment processors.

The AuricVault® payments passthrough service is designed as a pass-through service that converts a generic API into payment processor specific transactions. In addition to returning generic, processor-neutral responses, the AuricVault® payments service also returns detailed information returned by each payment processor. This is vital for businesses that are looking to take full advantage of services provided by each payment processor. This philosophy is an outgrowth of our 20 years of building server-side applications.

One unique feature of the AuricVault® payments service is the ability to see what data was sent to/received from the payment processor. This data (properly sanitized for PCI compliance before being returned) simplifies any support discussion you may have directly with your payment processor.

  • Unified Payments API

The AuricVault® payments service supports the following payment processors:

Processors supported soon:

Learn More

 

 

 

   Industries utilizing the AuricVault™ Service

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Watch More AuricVault Videos…

 

 

 

 

 

 





 

 

AuricVault® Production Support is available 24x7x365 Call 603-924-6079 x 320

Please leave a message that includes the product name, your name, company name, a phone number (spoken slowly and clearly for best response) and email where we may contact you in response to your urgent need. Please have your vault ID handy. The vault ID is found in the About box under the Help menu of your Auric Product. Our support team will contact you promptly by phone.

AuricVault® Implementation/Configuration Support is available during regular business hours (8am – 5pm EST)  

Email: Support@AuricSystems.com

Please send an email that includes the product name, your name, company name, a phone number, any current logs related to the time of the incident and an email where we may contact you in response to your needs.

 

 

Step 1

Sign up and receive your free 90 day evaluation kit.

The 90 day evaluation kit includes access to the latest
  • API
  • Sample Code
  • Evaluation / Sandbox Credentials
  • AuricVault Evaluation / Sandbox URLs
Evaluation credentials functionality are pre-defined:
  • Encrypt / Tokenize & Decrypt / Detokenize
  • Two segments
  • Two Retention periods (forever and “Long year”, which is 14 Months)
When you’re comfortable with the AuricVault® API, you’re ready for Step 2.
Step 2  defines specific credential functionality.
For example, a credential or multiple credentials can be defined to:
  • Encrypt / Tokenize & Decrypt  /Detokenize
  • Encrypt / Tokenize Only
  • Detokenize / Decrypt Only
  • Segments (randomly-defined)
  • Retention Policies
Segments – Information segmentation allows you to divide your information into different categories (segments). The AuricVault® service is able to tokenize a wide range of data with different levels of sensitivity. See the AuricVault® API for more details about segmentation.
Retention – The AuricVault® service supports multiple retention policies. This is necessary because retention policies for credit card numbers will be different than the retention policy for a taxpayer identification or phone number. The AuricVault® API provides the ability to delete tokens. See the AuricVault® API for more information on retention policies

Step 2 Define Staging & Production Credentials

Complete Step 2 to receive staging and production credentials. Define the specific requirements of your AuricVault® staging & production credentials In step 2. Auric builds the set of staging credentials that will match your eventual production credentials when you’ve completed and submitted your requirements. Staging credentials can be tweaked, updated or redefined during your staging process to assure the production credentials are defined to your specific requirements. Staging & production credentials are delivered promptly.

You’re Ready to Purchase the Service

Small Office Home Office

Starting at
$300.00 USD/Year
  • Annual options for storing 2,500 to 10,000 Tokens Per Year
  • Each 2,500 token storage increment is $300.00 per year
  • Free SandBox / Staging Account / 24 x 7 x 365 Technical Support
  • Hosted in geographically distributed PCI compliant hosting facilities
  • OPTIONS:(Add’l Fees Apply) AuricVault Fee Calculator 
  • Payment Processing, Token Swap, Vault Hosted iFrame, More than 3 credentials
  • Options purchase do not appear in the shopping cart and are confirmed by email or phone
Buy Now

asi-logo Questions? Need more help?

Call us at 603.924.6079 or

Send us an email

Share This
Check out developer.linkedin.com! https://www.auricsystems.com/wp-content/uploads/2016/04/Auric_vault.jpg anyone