Skip to main content
Guardian is part of the Composable Payment Architecture (CPA) — a composable service that’s also available standalone. Guardian is a fully PCI-compliant tokenization service, delivered as managed, dedicated infrastructure. Rather than subscribing to a shared service, you own your data on a private instance run solely for you.

Role in the Hellgate Cloud Platform

Guardian is a fast, simple way to establish compliance. It provides a protective yet actionable layer between your other services and the sensitive data it stores. By taking sensitive data out of scope, Guardian unlocks composability: you can combine services freely without worrying about PCI scope, compliance, or data protection.

Features

Guardian provides comprehensive tokenization capabilities with multiple token types, each designed for specific use cases and compliance requirements.

PCI Tokens

Standard FeaturePCI tokens protect sensitive payment card credentials and keep raw card data out of your systems.

Generic Tokens

Standard FeatureGeneric tokens store arbitrary payloads (for example SEPA credentials, API keys, or other sensitive data).

Add-ons

Extend Guardian’s capabilities with optional add-on features that provide advanced functionality for specific use cases.
Add-on features are subject to extra charges. Contact your account representative to enable these features for your account.

Network Tokens

Add-on FeatureNetwork tokens enable secure tokenized transactions with card schemes. Provision tokens from sessions, PAN data, or existing PCI tokens, depending on your compliance level.

Metadata Inquiries

Add-on FeatureRetrieve comprehensive card and issuing bank metadata from PAN, PCI tokens, or network tokens. Useful for card display, validation, routing decisions, and analytics.

Next steps

Plans & Access

Dedicated infrastructure, tiers, and how to obtain a Guardian instance.

Authentication

Authenticate with an API key, and the scopes that gate each endpoint.