Astute is an international consumer-engagement software company based out of Columbus, Ohio. It offers a suite of AI-driven software-as-a-service (SaaS) products, such as CRM tools, a social media management application, a knowledge management application, voice chat, video and more. Astute provides these vital customer service aids to large consumer product brands around the world to streamline their customer service processes across all channels, from helping customer service agents interact smoothly with customers to providing effective self-service tools.

Meeting the Challenge: In the past, most of Astute’s customers didn’t need to store cardholder data in their environments and therefore weren’t subjected to PCI requirements. But as the demand for frictionless transactions and instant payments increased, it became clear that storing cardholder data (CHD) no longer was avoidable. As a result, Astute recognized the importance of finding a versatile, scope-reducing solution while working toward PCI certification for its suite of products.

TokenEx is Secured by Armor. Download this case study to learn more.

Quick Glance


  • Technology

Cloud Provider


Customer Problem

  • Astute’s search for a new PCI solution became a top priority while working with one of its larger customers. The customer, a concierge service provider, had an initial 300,000 cardholder records on file that it needed to have stored securely. In addition to storing and securing those records, Astute needed to work directly with the customer’s clients, all global card services providers, to satisfy their strict compliance requirements. With that in mind, Astute’s ideal solution was an established, certified tokenization provider capable of operating in concert with Astute’s current environment. That solution was TokenEx’s flexible, cloud-based tokenization hosted by Armor’s scalable, secure platform.

Armor Solution


  • By using Armor, a TokenEx partner, to host the CRM pages where sensitive data was accepted, Astute significantly reduced its scope without interrupting the graphical user interface it created for its customers to retrieve sensitive data. Not only did TokenEx effectively meet its two main goals of security and compliance, but it also exceeded expectations with a “surprisingly straightforward” integration process and a rollout time of just a few weeks from design to development.

It allowed us to offload that scope and keep it contained in one specific area ... separate from our production operation. We were also impressed that TokenEx had the payment gateway capabilities as well, since in the past we’ve used that method of handling transactions to help offload scope even further. … That was a big selling point.

Chris Conner CISO

Resource Center

More security resources at your fingertips.

Practical Content for Security, DevOps, & IT Professionals