PALO ALTO, Calif.--(BUSINESS WIRE)--Skyflow today announced the general availability of its PCI Level 1 Data Privacy Vault, making its API-based solution the only one of its kind ready for high-volume credit card transactions. From day one, Skyflow has helped customers protect personally identifiable information (PII) and meet stringent compliance regulations globally, including PCI, HIPAA, GDPR, and others. Skyflow’s new designation as a Level 1 Service Provider comes on the heels of achieving SOC 2 Type 1 compliance last July.
PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards created by the credit card industry to protect payment systems from data breaches. Businesses that process more than 6 million transactions annually or are otherwise deemed high risk are required to meet the higher PCI Level 1 requirements, and may only work with service providers who have met all twelve requirements and the more than 100 sub-requirements to reach Level 1 Service Provider Status. Skyflow’s achievement of Level 1 compliance makes its unique data privacy vault a simple means for even the largest scale businesses to meet their PCI requirements while also solving for more difficult data privacy problems such as PII data security, data residency, secure data sharing, and GDPR compliance.
"We are very proud to receive our PCI Level 1 certification, the highest level of assurance a service provider can receive,” said Daniel Wong, Director of Security and Compliance, Skyflow. “This certification followed the achievement of SOC 2 Type 1 just a few months ago, and it further validates our commitment to privacy and security. Customers can rest assured that Skyflow has the rigorous controls and processes to protect their sensitive customer data."
What if privacy had an API?
Skyflow is the first zero-trust data privacy vault. Delivered via a simple API, it can be deployed quickly and provides a complete, customizable solution for:
- Compliance
- Data Security, Governance, and Residency
- Secure Data Sharing and Analytics
- Encryption/Tokenization
For fintech companies, Skyflow’s Data Privacy Vault supports modern financial use cases, including money movement, card issuance, card acceptance, customer onboarding, and customer data management. Skyflow is designed for flexible data residency, and is available to customers globally.
Accelerate compliance with a single solution
Conducting a PCI DSS assessment can be a heavy administrative burden for companies that process cardholder data. Companies of all sizes can now use Skyflow’s Data Privacy Vault to:
- Reduce their PCI DSS scope and easily achieve PCI certification for their applications.
- Save time and resources on compliance certification.
- Focus on building their core product versus worrying about PCI data processing and storage needs.
Skyflow worked with an industry-leading consultancy on the Level 1 PCI DSS certification process to help validate its controls and processes maturity. According to Jung Kim, founder of MediRisk, a risk management consultancy, “Working with Skyflow has been such a pleasant experience. Of all the companies I have helped or assessed, Skyflow stands out for their commitment to security and privacy from top to bottom. When so many companies are busy checking the compliance boxes, Skyflow is always eager to ask, ‘how can we get better?’”
About Skyflow
Founded in 2019, Skyflow is a data privacy vault for sensitive data. Our founders wanted to radically transform how businesses handle their users’ financial, healthcare and other personal data -- the data that powers the digital economy. Inspired by the data vaults that leaders like Apple and Netflix built to handle customer data, our vision was to deliver the same kind of data privacy vault as a simple and elegant API, something any developer could easily build into their application, the same way they use Stripe, Twilio, or Okta. Skyflow is based in Palo Alto, California, with offices in Bangalore, India. For more information, visit http://www.skyflow.com or follow on Twitter and LinkedIn.