ACAI detects and redacts PANs, credit card numbers, and financial identifiers before they reach inference models. Every access is authenticated, logged, and retained per PCI DSS v4.0 requirements.
Built for payment processors, fintech companies, and merchants handling cardholder data.
Every API request generates evidence mapped to these controls automatically.
PII/PAN detection active on every request. Credit card patterns detected and redacted before logging.
API key authentication required. Per-user key scoping. No shared credentials.
256-bit API keys stored salted+hashed. Entra ID SSO for dashboard. No plaintext secrets.
All requests logged with user ID, timestamp, model, status, IP hash. Dual PostgreSQL + immutable Blob sinks.
Configurable retention: 90 days (Pro) to unlimited (Enterprise). Legal hold support for investigations.
Credit card numbers caught by regex patterns before they reach the model or audit logs.
SSN, IBAN, bank account numbers — 14+ patterns plus Azure AI NER for addresses and names.
One-click PCI DSS evidence report mapping your API usage to v4.0 requirements. Ready for your QSA.
One API key. One BAA. PCI DSS evidence your auditor will accept.