reduce costs and complexity of NACHA compliance

Our flat fee solution is quick to integrate, makes costs predictable, and reduces the scope of compliance


Predictable Costs

Our open source solution allows you to have unlimited applications, transactions, users, and tokens for one fixed cost.

No more expensive, unpredictable pay-per-use costs.

Easy To Integrate

We expose a simple API for our customers to integrate. No proprietary code or vendor lock-ins. Customers have integrated in as little as an hour (62 minutes, to be precise).

Fewer resources and less time needed to achieve compliance.


Works for startups or large enterprises, and scales easily for those in between.

No need to reinvent your security solution as your company grows.


On-premises and hosted solutions to suit your particular needs.

Solutions that support your technical infrastructure and deployment philosophy.

Mission-critical Availability

Single tenancy and exclusively customer-controlled keys. High availability (HA) and disaster recovery (DR) by default.

Fewer pathways to a breach, and the confidence of full control of your data.

Pass Audits Easily

We focus on the most difficult controls and tokenize your data, removing your application from the scope of audits.

Faster and less stressful audits, saving you time and money.


"The existing ACH Security Framework including its data protection requirements will be supplemented to explicitly require large, non-financial-institution (FI) Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs) to protect deposit account information by rendering it unreadable when it is stored electronically."

Article One, Section 1.6: Security Requirements

  • We encrypt and tokenize sensitive account data, going beyond the minimum requirements
  • Encrypted/tokenized data is removed from the scope of audits as it contains no real account data, thereby saving you and auditors time and effort
  • All transmissions of tokenized data are secured using digital signatures for extra protection in transit
  • Keep your core cryptographic keys secret (with FIPS 140-2 Level 2 certified cryptographic modules): “M of N” Key Custodian control of hardware-protected keys

Phase One Effective Date: June 30th, 2021

  • Affects Originators and Third-Parties with ACH volume greater than 6 million transactions in 2019

Phase Two Effective Date: June 30th, 2022

  • Affects Originators and Third-Parties with ACH volume greater than 2 million transactions in 2020


  • Hardware-based Security
    StrongKey has understood since inception that cryptographic key management cannot be secured without cryptographic hardware. This is why every Tellaro appliance includes a FIPS 140-2 Level-2 Certified TPM as a standard feature! For those whose security policy requirements mandate a Level 3 certified cryptographic module, an optional HSM is available as an integrated component of the Tellaro. This provides some of the highest protection for key generation, use, and storage.
  • Cost-effective
    Our solutions are sold with no per-user, per-transaction, or per-application fees; and all new release upgrades are free to existing customers.
  • Worldwide Installation and Support
    We provide installation and 24×7 support services for the Tellaro appliance; FIDO testing, development, and production; PKI device on-boarding and provisioning; PCI DSS and PSD2 compliance and system integration; customized support services for enterprise and SMBs; thorough vetting of supply chain software for security and ethics; and monthly vulnerability reports on our products and any dependency applications.
  • Open Source
    StrongKey is committed to the open-source community. StrongKey has always been a believer in making its solutions as cost-effective as possible so everyone can afford them. As a result, it has used open-source software components and delivers ALL its software as open-source software using the LGPL 2.1 license.
  • Experience
    StrongKey has been building world-class key management infrastructures for 20 years: Central Banks; Fortune 50 companies; National Telecoms; and dozens of Payment Processors all over the world.