Apigee Delivers API PCI-DSS Compliance

Apigee justannounced their Apigee Enterprise Cloud PCI, a new offering that enables organizations to deliver transactional APIs, securely deployed in a private or public cloud.

Apigee's new Enterprise Cloud PCI supports full compliance with the Payment Card Industry Data Security Standard (PCI-DSS), while taking advantage of the compute resources of the cloud to support transactional API traffic and sensitive customer data.

To fully protect critical customer credit card information, there's an increased focus on compliance, especially as more e-commerce services shift to cloud computing and APIs, said Chet Kapoor, Apigee CEO. ...The Apigee Enterprise Cloud API also protects and screens sensitive data flowing between an application and an API residing on a public cloud, so businesses can now confidently broaden their e-commerce network with transactional APIs.

The Apigee Enterprise Cloud PCI solution is deployed in PCI-compliant data centers, allowing customers to:
  • Build and deploy transactional APIs
  • Maintain PCI compliance and data protection of all API traffic
  • Tap the scalability of the cloud for secure transactional APIs
The Apigee Enterprise Cloud PCI can also be deployed on-premise, delivering the same capabilities for in-house PCI-DSS compliant deployments.

PCI-DSS is associated with e-commerce, and financial transaction security, but can be universally applied to securing any online transactions. The availability of this type of API security will go a long way in convincing IT departments to deploy their API infrastructure in the clouds.