> Encrypting cardholder data with Relay means that your system does not handle c... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

yardstick on Dec 17, 2021 | parent | context | favorite | on: Evervault

> Encrypting cardholder data with Relay means that your system does not handle cardholder data, making Evervault your Cardholder Data Environment.

Does this mean Evervault is a PCI DSS service provider? Do you have an AOC yourselves and are you audited annually by a QSA? I had a quick look but couldn’t find PCI specifics on the site.

ShaneCurran on Dec 17, 2021 [–]

Yes! We have a page coming soon, but Evervault is a QSA-audited service provider and we can reduce your PCI compliance scope to the simplest form (SAQ-A)

yardstick on Dec 18, 2021 | [–]

Thanks!

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact