Become PCI DSS Compliant with Payment Vault

Payment Vault enables payment processing integration, data distribution, and the localization of payment data for companies. It secures retention and facilitates PCI compliance with minimal to no changes.

Expand your business into new markets and stay PCI compliant

Data Regulation Map Of Payment Gateway

Data compliance with the InCountry Payment Vault


  • Compliant with the PCI DSS global industry standard
  • Meets local requirements for payment data storage in country of origin
  • Seamless integration into your product or service sales pipelines
  • Versatile security of payment card data


  • Eliminate borders for business expansion
  • Minimize investments into PCI compliance
  • No changes to your infrastructure or business operation
  • Secure customer data against any potential threats
  • Reduce local compliance risk

How it Works

How It works Payment Gateway
Create an integration with Payment Vault on the InCountry Portal.
Payment Vault intercepts all payment requests through the pre-defined endpoint.
Payment Vault encrypts and saves the payment card data to the InCountry platform.
Payment card data is passed to the payment provider for processing.
Tokenized card data is provided to your application backend.

Frequently asked questions

What payment providers are supported?


Currently, Payment Vault only supports Stripe, but we are working hard to expand the list of supported payment providers. Please let us know what payment provider and countries you need by dropping an email to us.

Why do I need to keep payment card data in its country of origin?


Some local regulations require the financial information of the country’s citizens to stay within the country of origin. Such requirements already exist in China, Russia, India, and Indonesia, and the list is sure to expand in the future, as several countries have corresponding legislation pending.

How does the InCountry platform secure payment card data while storing?


Payment Vault encrypts the string containing the cardholder’s name, card number, and expiry date with the AES-256 algorithm. This encrypted data is further stored on the InCountry platform in the country of origin.

Why do you tokenize data when passing it to my application?


Tokenization is applied to the payment card data to preserve the capability to save the customer’s payment card data in your database. This tokenized data can be further used to identify the required payment card when performing recurring payments.

Does the InCountry platform store CVC/CVV codes?


No, CVC/CVV codes are not stored on the InCountry platform.

How do I modify my current sales pipeline?


In general, you just need to create a Payment Vault integration and call our payment form when your customers initiate a payment transaction.

Is your solution PCI DSS compliant?


Yes, yes, and yes. Payment Vault has proven itself to be PCI DSS compliant time and time again.