Skip to main content
The OrchestratorX Card Vault is a highly performant and secure vault to save sensitive data such as payment card details, bank account details etc. It is designed in a polymorphic manner to handle and store any type of sensitive information making it highly scalable with extensive coverage of payment methods and processors. OrchestratorX Card Vault is built with a GDPR compliant personal identifiable information (PII) storage and secure encryption algorithms to be fully compliant with PCI DSS requirements. Contact support@orchestratorx.com for setup assistance and integration guidance.

How does OrchestratorX Card Vault work?

  • Your application communicates with OrchestratorX Card Vault via a middleware.
  • All requests and responses to and from the middleware are signed and encrypted with the JWS and JWE algorithms.
  • The vault supports CRD APIs on the /data and /cards endpoints.
  • Cards are stored against the combination of merchant and customer identifiers.
  • Internal hashing checks are in place to avoid data duplication.

Key Hierarchy

  • Master Key — AES generated key that is encrypted/decrypted by the custodian keys to run the vault and associated configurations.
  • Custodian Keys — AES generated key used to encrypt and decrypt the master key. It is broken into two keys (key 1 and key 2) and available with two custodians to enhance security.

Setup

For setup assistance, contact support@orchestratorx.com.