Payment Gateway Customer Vault
Ensure Customer Security and Stay PCI DSS Compliant
PCI Compliance & Customer Security
The Customer Vault is a unique feature of the CyoGate Payment Gateway that was designed specifically for businesses of any size to address security concerns about handling customer payment information. Visa and MasterCard have instituted the Payment Card Industry (PCI) Data Security Standard to protect cardholder data wherever it resides ensuring that members, merchants, and service providers maintain the highest information security standard.
These associations have also deemed that merchants will be held liable for any breach of cardholder data. This has become a major concern for merchants who may handle credit card or electronic check payments, but are looking to avoid the tremendous costs and resources involved in becoming PCI compliant.
Customer Vault Solution
The Customer Vault allows merchants to transmit their payment information through a Secure Sockets Layer (SSL) connection for storage in our Level 1 PCI certified data facilities. Once the customer record has been securely transmitted to the Customer Vault, the merchant can then initiate transactions remotely without having to access cardholder information directly. This process is accomplished without the merchant storing the customer's payment information in their local database or payment application.
Furthermore, using CyoGate's Browser Redirect Method in conjunction with the Customer Vault allows merchants to process transactions without transmitting any payment information through their web application. This unique approach provides best of class application flexibility without any PCI compliancy concerns. The CyoGate Redirect API (Advanced Programmers Interface) is available by request of the project manager.
If, like most merchants, you're concerned with PCI compliance, CyoGate also offers PCI Compliance Certification that includes a $50,000.00 insurance policy per occurrence in the event of a merchant breach.
Use Cases for the Customer Vault
Recurring Billing & Subscriptions
Store a customer's card once at enrollment and charge it automatically on any schedule — weekly, monthly, annually, or custom. Because the card data lives in the vault and not in your systems, you satisfy PCI DSS scope reduction requirements without building your own secure storage. The recurring billing module works hand-in-hand with the Customer Vault for full subscription automation.
One-Click Checkout for Returning Customers
Returning customers can complete purchases without re-entering card details. The vault stores a tokenized reference — your checkout passes the token to the gateway, the gateway retrieves the card and processes the transaction. Your customer experiences a frictionless checkout; your systems never see raw card data.
Phone & Mail Order (MOTO) Repeat Customers
For businesses that process MOTO transactions by phone or email, the Customer Vault eliminates the need to ask returning customers to read their card number aloud with every order. Look up the vault record, confirm identity, and process — faster and more secure.
Installment Billing
Businesses that offer payment plans can store the card at the time of the initial agreement and charge each installment automatically. No need to contact the customer for card details at each billing cycle.
Customer Vault & PCI Compliance
Storing payment card data in your own systems triggers the most demanding tier of PCI DSS compliance. The Customer Vault removes that obligation — because card data lives in CyoGate's Level 1 PCI-certified facility, your PCI scope drops dramatically. Combined with CyoGate's CertifyPCI tool, many merchants can complete their annual compliance self-assessment in under an hour.