The AuricVault® tokenization API supports three integration methods:
- Server-Side from any programming language capable of generating JSON and HTTPS POST calls.
- Custom Embedded iFrame (hosted within Auric's PCI-compliant production environment).
- Vault-Managed Encryption: Let Auric take care of the data encryption.
- Locally-Managed Encryption: Encrypt your data before storing it in the AuricVault® service.
Bring Your Own Tokens
Migrate your already tokenized data to the AuricVault® service and keep using the token IDs you already have. Auric's auto-generated token IDs are 19 characters. You can bring your own tokens with up to 40 characters.
Browser-Side Tokenization and Detokenization
The vault-managed encryption supports browser-side tokenization and detokenization. This allows sensitive data to be tokenized and detokenized directly from a user's browser without ever touching your server.
Divide your tokenized information into different groups called segments. Segments have many uses. You can keep different types of data in different segments (credit card accounts and tax IDs, for example) and have different data access rules for each segment. Or, if you are storing data for multiple business partners, you can create a segment for each business partner's data and define credentials with access only to that segment. There's a variety of ways segments can be used to further isolate data.
Fine-Grained Access Controls
Each account can configure their AuricVault® credentials to have one, two, or many sub-credentials (called an MTID). Token access is associated with each MTID. For a simple installation, a company may want only a single MTID with all access functionality. Other examples are:
- One MTID to create tokens and a second MTID to retrieve them. The Create MTID does not have the ability to retrieve tokens. A store-only MTID is useful to give to a third-party partner to store data on your system that they cannot retrieve. Telemarketing partners are one example.
- One MTID to create tokens and multiple MTIDs to retrieve them. This configuration is used by hospitality and B&B websites. The company website creates tokens (typically through an iFrame) for all their clients. Each client has their own credential for retrieving tokens. In this example, each client's tokens would also be put into a separate segment, isolating their data from all the other clients.
The access control options can get quite complex. The Auric technical team will conference with you during your evaluation period to determine the best configuration approach for you.
Automatic Retention Policies
Define how long your tokenized data is kept before automatic deletion. Multiple retention periods can be configured for different types of data. You define the retention as you create each token. Default retention periods are "big-year" (14 months) and "forever" (never deleted). Retention periods are defined in days after the last time a token is accessed (read, updated, decrypted, touched, or used for payment).Custom retention periods can be configured.
Affordable and Predictable Pricing
Whether your business is in start up phase or a seasoned enterprise the AuricVault® service has pricing that fits your budgetary requirements.
Fees are based on the number of tokens you store, not the number of times you touch that token. There are no per-transaction fees.
The AuricVault® service pricing starts at USD $600.00 per year for up to 5,000 stored tokens or USD $100.00 per month for up to 10,000 stored tokens and scales affordably to accommodate millions of stored tokens. Use our Fee Calculator to calculate your token storage fee.
You Own Your Data
Your tokenized data should be your data. The AuricVault® service ensures you have access when you need it. Auric provides bulk detokenization services for your stored tokens and supports migrating your tokens to a third party. You're tokenized data is not locked in to a single provider.
Auric provides a range of custom solutions to simplify integrating tokenization into your data flow:
- Inbound Edge Tokenization
- Outbound Edge Detokenization
- AuvProxy Service
- Bulk Tokenization
- Outbound Data Proxy
Contact sales@AuricSystems.com and tell us about your custom requirements.
Optional Payment Processing
The AuricVault® service provides a Payments Passthrough option and a Token Swap option. The Payments Passthroughoption supports leading payment processing gateways and is expanding that support around the globe. The Token Swap option lets you generate payment processor-specific tokens for use in your own systems.
Try Before You Buy
Auric recognizes that every environment is unique. Evaluating the AuricVault® service can be accomplished with our evaluation kit. The free evaluation kit provides every thing you need, including access to our expert team, so you can determine its merits.