facebook noscript

VGS Successfully Completes SOC 2 Type II Report

April 15, 2024

The SOC 2 Type II report confirms VGS's commitment to upholding rigorous standards for our customers.

VGS is pleased to announce that we successfully completed the SOC 2 Type II assessment after undergoing a comprehensive annual review that confirmed our fulfillment of all system requirements based on the trust services criteria outlined by the AICPA. This annual assessment is part of VGS's unwavering commitment to upholding elevated security standards.

VGS's SOC 2 Type II report resulted from a thorough examination of our internal controls and systems pertaining to the five Trust Services Criteria (TSC) outlined by the AICPA:

  • Security
  • Availability
  • processing integrity
  • Confidentiality
  • Privacy.2

A SOC 2 examination is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. SOC 2 reports are intended to meet the needs of a broad range of users who need detailed information and assurance about the controls at a service organization relevant to the security, availability, and processing integrity of the systems the service organization uses to process users' data and the confidentiality and privacy of the information processed by these systems.1

“Successfully completing the SOC 2 Type II assessment provides transparency around VGS' practices, providing trust and assurance that VGS is upholding rigorous security standards through established company-wide controls that safeguard our customers' sensitive data. We live in a world with constant threats to data privacy and security. Our SOC assessment proves that VGS is well-equipped to handle today's and tomorrow's threats and provide our customers peace of mind.”
Stu Cianos
VGS's Director of Security & Compliance

As a universal gateway and PCI-compliant vault, VGS empowers our customers by tokenizing sensitive payment data, limiting compliance scope, and consolidating payments to unlock revenue and business opportunities. As one of the world's largest tokenization providers by volume, VGS prioritizes providing customers with an elevated, secure experience that upholds the industry's latest security standards and best practices. Successfully undergoing annual SOC 2 Type II attestation since 2018 demonstrates the ongoing commitment and investment VGS makes to assure trust and security to the customers we serve.

Ready to Get Started?

Create an account with VGS and see how you can collect, store and transmit sensitive data in a processor-agnostic, PCI-compliant vault. It's free to get started, and in less than 10 minutes, you'll set up a baseline tokenization program that matches your unique needs.

Contact Us


  1. “SOC 2® - SOC for Service Organizations: Trust Services Criteria,” AICPA & CIMA, 2024, https://www.aicpa-cima.com/topic/audit-assurance/audit-and-assurance-greater-than-soc-2.
  2. Emily Bonnie, “SOC 2 Type II Compliance: Definition, Requirements, and Why You Need It,” Secureframe, April 6, 2023, https://secureframe.com/blog/soc-2-type-ii.
stu-cianos-headshot Stu Cianos

Director, Security & Compliance

jennifer-marshall-sibert-profile Jennifer Marshall

Marketing Manager


You Might also be interested in...


Are BIN Lookups Enough to Get All the Card Attributes Your Business Needs?

Khyati Srivastava April 29, 2024


Apple Pay is rolling out Merchant Tokens (MPANs)

Khyati Srivastava
Arvind Santhanaraman
March 21, 2024


Java Evolution: Unlocking Performance and Efficiency from Java 8 to 17

Oleksandr Ahitoliev March 18, 2024