Case Study: Astute minimizes PCI scope and secures cardholder data with Armor

Minimize PCI Scope While Securing Stored Sensitive Data

Astute, an Ohio-based provider of AI-driven customer-engagement SaaS used by large consumer brands, faced a new challenge when customers began needing to store cardholder data—exposing Astute to PCI requirements it had previously avoided. The company wanted a versatile solution that would secure stored sensitive data and minimize PCI scope without significant changes to its SaaS platform or disrupting customer operations.

Astute implemented TokenEx’s cloud tokenization (hosted via Armor) using an iFrame/pop-up and a tokenization gateway so card data is captured, tokenized and stored outside Astute’s production environment; the integration supported both batch migrations and API calls to meet diverse customer needs. The result was a seamless, vendor-agnostic rollout in weeks, successful PCI certification within months, no cardholder data traversing Astute’s network, and a scalable, compliance-friendly solution for global customers.

Astute

Chris Conner

Chief Information Security Officer