If you store credit card data, our tokenization API provides enhanced security and reduces the scope of your PCI audits
Quatrix Vault provides highly secure, PCI compliant, off-site storage for credit cards (or other sensitive information).
By encrypting data using a split-key system, it becomes unreadable on both your server and the Quatrix Vault server unless both parts of the key are combined using the secure API.
For added security, each time a file is accessed a new encryption key is generated. If any unusual activity is discovered (multiple requests, for example) then the system is locked until verification of authorization is provided, making data harvesting extremely difficult.
This powerful technique can be applied to files of any type or size, and can be fully integrated into your existing systems.
Quatrix Vault FAQs
- What is split-key encryption?
- Is Maytech PCI compliant?
- How does Quatrix Vault help to reduce the scope of PCI compliance?
- Will I need to do any development work?
Split key encryption generates two keys, both of which are required to unencrypt data.
Quatrix Vault uses this method to generate one key to keep and one to send back to the customer for each piece of data stored.
Maytech is PCI compliant.
We are also certified compliant with the internationally recognised ISO 27001 information security management standard, which is audited twice yearly by Lloyd’s Register Quality Assurance, a leading quality assurance provider.
PCI compliance is required for the handling and storage of payment card data.
Since you will not be storing the card data, security provisions around storage are no longer required.
You will need to manage the collection, tokenization and retrieval of customer data and process transactions.
Your existing or planned software solution will need to be connected to Quatrix Vault using our RESTful API to take advantage of secure off-site storage of CC details.
- Can you help me get set up?
- Will this mean I am tied in to a payment provider?
- Can Quatrix Vault store data other than payment card details?
Yes. Our team will work with you to evaluate, specify and customise the solution to your needs to ensure you are happy that it provides what you require.
No. By connecting to more than one payment gateway, you can take advantage of the best fees for different regions or cards, or even avoid any technical issues by switching between payment providers.
Because the card details are stored securely in Quatrix Vault, you simply request them when required to make a payment.
Any data can be stored in Quatrix Vault from secure documents to Social Security Numbers or Passwords.
Talk to our team if you have a specific use case in mind and we’ll review how we can best help you.
Key features of Quatrix Vault
Reduced risk of data breaches
The added layer of security provided by Quatrix Vault means that there will be a lower risk of data breaches affecting stored PCI data.
Reduced PCI Scope
Payment Card industry Data Security Standards apply to the processing and storage of card data. Since you won’t be storing card data, this part does not apply to you.
Secure offsite storage
Maytech’s servers are located at Tier 3, ISO 27001 certified facilities with strong physical and electronic security. They also have access logs, uninterruptible power supplies and fire suppression systems.
Strong data encryption
Quatrix Vault encrypts your data with AES 256 bit encryption and stores it in an encrypted state, so only you can access your customer’s card data.
High availability API
Maytech provides a high-availability service with significant redundancy in all critical resources.
Secure modern tokenization
Quatrix Vault uses a modern data security approach to storing PCI data with the use of Tokenization, which is widely accepted to add data security within the card processing industry.