News - Piiano Achieves PCI DSS and SOC2 Certification

Dual certification reinforces commitment to help organizations meet security, confidentiality standards

Piiano, a data protection and privacy company, today announced that its Piiano Vault has successfully achieved PCI DSS Level 1 certification, complementing its existing SOC2 Type II certification. These latest accreditations mark significant milestones in its commitment to data security and make data security-by-design accessible to organizations of all sizes and levels of maturity.  

The dual certifications--combined with advanced technology offered by the Piiano Vault SaaS platform--establish the highest level of trust from enterprise users to confidently offload the secure storage and tokenization of payment information, as well as other types of sensitive and personal data like PII, PHI and secrets. In doing so, Piiano helps organizations overcome technical and cost-related limitations, enabling them to achieve robust data protection.  

“We're very proud of our efforts to create and bring to market the first privacy-focused AI device,” said Matt Domko, head of security at Rabbit. “Partnering with Piiano has made it easy for our engineers to deliver innovative features in a way that provides built-in controls for data governance. Knowing that our customer data is vaulted with a partner who maintains both PCI and SOC2 compliance reinforces that decision.”

The Piiano Vault SaaS platform secures payment details and sensitive data, and functions as a proxy to payment providers. To ensure comprehensive and efficient interaction with Piiano Vault’s features and functionalities, development teams can integrate with the platform using language-specific SDKs and REST APIs. 

With Piiano Vault, organizations can: 

• Confidently and securely collect and use payment data 
• Reduce PCI compliance effort to a minimum, or even skip it completely 
• Deploy a turnkey solution with a simple API integration 
• Escape vendor lock-in and skip transactional fees 
• Work with any payment provider to optimize costs 

Piiano is a comprehensive data security solution for developers that protects sensitive customer data right from the source. Piiano Vault enables organizations to store, manage, encrypt and tokenize sensitive data with privacy-by-design controls for building secure applications. Piiano Flows helps companies manage data exposure risk at the code level by statically analyzing code changes and preventing data leaks from reaching production. 

SOC2 

SOC2 is a reporting framework to address growing needs of assurance around data security and privacy practices for organizations that collect personal information. The framework requires the implementation of strict policies and procedures for handling information, such as data security, privacy, availability, processing integrity and confidentiality. It must be maintained with regular monitoring, testing and auditing. It is very reputable for its effectiveness in driving and improving throughout organizations. 

PCI DSS 

PCI DSS emerged from a collaborative effort within the payment card industry, by companies that include Visa and AMEX to address concerns about credit card fraud, data breaches and the facilitation of secure payments. The framework is made up of a strict set of security standards specifically designed to protect cardholder data during payment transactions. 

Achieving these certifications was done with the help of Acytal. Scytale’s expertise and technology helped take our compliance to the next level by automating the lengthy processes involved with SOC 2 and PCI DSS compliance, providing a single source of truth to track and monitor all our audit requirements.