The Payment Card Industry Data Security Standard (PCI DSS) is a global security standard that applies to any organisation that stores, processes or transmits cardholder data.
PCI DSS is a particularly thorough security standard that requires significant overhead to manage and demonstrate the security of card data, often costing companies $100k+ per year. That’s why organisations that handle cardholder data use Evervault to de-risk and de-scope their environments.
Evervault’s PCI Compliance solution uses three Evervault Primitives (Inbound Relay, Outbound Relay and Inputs) which can be used to collect, share and display card data without handling it in plaintext. With minimal code changes, you can significantly reduce your PCI Scope and eliminate much of the engineering and financial overhead associated with implementing and maintaining PCI DSS compliance.
If you’d prefer to learn more about PCI Compliance before starting this guide, we’ve written extensively about it here.
Customers who use Evervault to become PCI Compliant typically use one of two workflows for handling cardholder data. Select the guide that’s most applicable to your product.