Core Concepts
Learn what Evervault does, how it fits into your architecture, and how to start building with it. This page connects the dots between our platform, your use case, and a secure integration path.
Understand Evervault from the ground up
Evervault is a developer-first platform for orchestrating secure data flows, enabling seamless collection, storage, processing, and forwarding of sensitive information without adding compliance burden. It’s designed to fit into your existing stack with minimal effort, so you can stay focused on building your own data orchestration. At its core, Evervault encrypts sensitive data into ciphertext which can be safely stored in your infrastructure and decrypted at runtime.
How is the data stored?
Evervault doesn't use a traditional token vault model. Instead, we use a Dual Custody encryption model to deliver high-performance, high-security protection for sensitive data. With this architecture, you store the encrypted data while we manage the keys.
There’s no need for developers to handle encryption keys directly, and data is never stored in Evervault’s infrastructure. Instead, sensitive information is collected through our products and instantly returned in an encrypted format, ready to store or pass to downstream systems.
The Dual Custody model has two key advantages compared to traditional token vaults:
- It's faster: There’s no need for database lookups on our side, which means lower latency and better throughput.
- It's more secure: Even if one side is compromised, the data is still safe. An attacker would need to breach both your infrastructure and Evervault to access decrypted values.
It’s tokenization, reimagined for performance, privacy, and strong architectural boundaries. To start collecting or tokenizing your data, you can use Card Collection to encrypt cardholder data or our SDKs to encrypt any other data you need.
I’ve encrypted my sensitive data, now what?
Once your sensitive data is encrypted and stored securely in your infrastructure, the next step is putting it to use — securely. That’s exactly what Evervault’s Core Products are designed for: enabling encrypted data to move, transform, and integrate without compromising security or compliance. These tools open up a wide range of use cases, including:
- Sending decrypted data to a third-party service.
- Encrypting incoming data from a third party before storage.
- Fetching and decrypting sensitive data from your own backend, in transit.
- Relay: Relay is a configurable network proxy that can automatically encrypt or decrypt data in transit, between your app and your own APIs or any third-party APIs.
- Functions: Functions are secure, serverless code environments that decrypt encrypted data at runtime, allowing you to process it without exposing it in your infrastructure.
Evervault for Payments
Evervault gives you flexible tools to use your encrypted data to orchestrate your own payments without compromising security or compliance. Build and manage your credit card vaults, design smart routing logic, run multi-PSP setups, build anti-fraud workflows, and more.
Run operations on encrypted card data using our Payments products, like performing network tokenization, running 3D Secure authentications, or sending/receiving data to and from PSPs—all without ever decrypting it yourself.
Enable point-to-point encrypted transport to third parties (like payment processors or fraud tools) via Evervault Relay, maintaining full PCI compliance while keeping data completely shielded from your app and infrastructure.
Stay out of scope for PCI: our Level 1 Service Provider status and architecture let you handle card data workflows without bringing your systems into PCI scope.
Whether you're building a checkout flow, tokenizing cards, or routing data to partners, Evervault makes it secure and compliant by default—while keeping performance and developer experience front and center.
Getting Started
Teams, Apps & Sandboxes
Your Evervault account is organized around Teams, which act as the top-level container for everything you build. Within a Team, you can create and manage multiple Apps—each with its own configuration, keys, and data flows. Apps can be designated as either Production or Sandbox environments, depending on their purpose.
Sandboxes are purpose-built for testing, simulation, and pre-production validation. They provide isolated environments that mirror production behavior, but without risking real data. Every Sandbox App includes access to all Enterprise features, including advanced tooling like simulated card updates, webhook event triggers, and custom policy testing. This lets you build and iterate confidently, ensuring that production data stays untouched while you fine-tune your integrations.
Production data
Sandbox environments simulate all values and behaviors. If you require production-level data—such as card scheme responses, ACS Server responses, or live webhook payloads — you’ll need to speak with our commercial team to access a production proof-of-concept (POC) environment for live testing.
Integrating with Evervault
You can integrate with Evervault using our client SDKs, server SDKs, REST API or CLI, depending on your application architecture. With developer-friendly tooling and a fast integration path, engineering teams can go from idea to implementation in hours, not weeks.