Key Takeaways
- Evervault raised $25 million in Series B funding led by Ribbit Capital, with participation from Sequoia Capital, Index Ventures, Kleiner Perkins, and Operator Partners – bringing total funding to $46 million.
- The Dublin and New York-based startup achieved 4x year-over-year revenue growth and processed over $5 billion in transaction volume in the past year, generating 100M+ encrypted tokens monthly.
- Evervault operates 7,000+ integrations with banks and financial institutions, and its customers reduce PCI DSS compliance costs by an average of $100,000 while achieving compliance 95% faster.
- Founded by Shane Curran, a former BT Young Scientist winner who started the company at age 19, Evervault’s mission is to become the “Internet’s clearinghouse for sensitive data”.
Quick Recap
Evervault, a developer-first encryption and data orchestration platform, officially announced on March 5, 2026, that it has closed a $25 million Series B financing round led by Ribbit Capital. The round saw participation from marquee venture firms including Sequoia Capital, Index Ventures, Kleiner Perkins, and Operator Partners, pushing Evervault’s cumulative funding to $46 million. The company confirmed the news via BusinessWire and its official blog, with CEO Shane Curran framing the raise as a step toward building what he calls the “Internet’s trust layer”.
Encryption as Infrastructure
Evervault’s core product addresses a deceptively simple but massive problem: sensitive data – card numbers, personally identifiable information, transaction details – still flows through enterprise systems in plaintext, exposing companies to breach risk and regulatory liability. Evervault flips this model by encrypting data at the point of entry and keeping it encrypted end-to-end through processing, routing, and storage.
The technical architecture relies on Amazon Web Services’ Nitro Enclaves – hardened, isolated virtual machines where all cryptographic operations take place. Evervault employs industry-standard AES-256-GCM for symmetric encryption and Elliptic Curve Diffie-Hellman (ECDH) for key exchange. The company uses a “dual custody” model: encryption keys are split using Shamir’s Secret Sharing, with one half stored on the client’s infrastructure and the other on Evervault’s, meaning a hacker would need to breach both systems simultaneously to decrypt any data.
For payment companies, the practical result is significant. Through a single integration, customers can build a secure payment orchestration layer with 7,000+ bank integrations, cut PCI DSS compliance costs by approximately $100,000, and ship secure payment systems in days rather than weeks. Clients including CarTrawler, Ramp, Rippling, Overwolf, and Uniswap already rely on the platform.
Justin Saslaw, general partner at Ribbit Capital, noted: “Evervault is building the core infrastructure that lets companies handle that data securely without it becoming an anchor on their business, turning what was previously a compliance burden into a fundamental foundation for faster innovation”.
Data Explosion Meets Agentic AI
The timing of this raise is not accidental. Global data volumes are projected to exceed 527 zettabytes by 2029, doubling roughly every three years. Yet the tools most enterprises use to track, protect, and comply with regulations around sensitive data remain fragmented and outdated.
The rise of generative AI and agentic workflows – where AI systems autonomously process, exchange, and act on data – has made this problem exponentially worse. Automated, high-velocity data exchange means sensitive information touches more systems, more APIs, and more third-party endpoints than ever before. Traditional compliance frameworks that assume some plaintext exposure is inevitable are becoming a liability in this environment.
Evervault is positioning its “encrypt-by-default” philosophy as the architectural answer. Shane Curran put it bluntly: “Sensitive data should be treated like hazardous material. Systems must be designed so it isn’t touched in the first place”. As regulatory scrutiny intensifies globally – from PCI DSS 4.0 to GDPR enforcement actions – the demand for infrastructure that embeds compliance into the application layer, rather than bolting it on afterward, is growing rapidly.
Competitive Landscape
Evervault operates in a growing market of payment data security and tokenization startups. The two most directly comparable competitors at a similar growth stage are Basis Theory and Very Good Security (VGS).
| Feature / Metric | Evervault | Basis Theory | Very Good Security (VGS) |
| Founded | 2019 (Dublin, Ireland) | 2020 (Mill Valley, CA) | 2016 (San Francisco, CA) |
| Latest Round | $25M Series B (Mar 2026) | $33M Series B (Oct 2025) | $60M Series C (Dec 2020) |
| Total Funding | $46M | ~$50M | ~$105M |
| Lead Investor(s) | Ribbit Capital | Costanoa Ventures | Vertex Ventures US |
| Primary Approach | End-to-end encryption (AES-256, ECDH, Nitro Enclaves) | Cloud-native tokenization vault | Zero Data / aliased data custodianship |
| Core Focus | Payment data encryption + orchestration | Processor-agnostic payment tokenization | Broad sensitive data security (payments, PII, health) |
| PCI Compliance | Customers achieve compliance 95% faster | PCI Level 1, SOC2, ISO 27001 compliant vault | PCI DSS compliant, acts as data custodian |
| Key Differentiator | Encryption-first (data never exists in plaintext) | Merchant data portability across processors | Zero Data model – removes sensitive data entirely from client systems |
| Notable Customers | Ramp, Rippling, Uniswap, CarTrawler | Pinterest, MoneyGram, Melio | Brex, Deserve (historical) |
While Evervault leads in pure encryption infrastructure with its Nitro Enclave-backed architecture ensuring data never exists in plaintext anywhere, Basis Theory wins on merchant data portability – allowing companies to switch payment processors without re-collecting card data from customers.
VGS, the most mature player by funding, has pivoted toward a broader data custodianship model but has seen slower recent momentum compared to the other two. For companies specifically focused on payment orchestration with compliance baked in, Evervault’s single-integration approach and 95%-faster compliance claim make it the most compelling option for developer teams shipping fast.
Techno Trenz’s Takeaway
I think this is a big deal and not just because of the investor names on the cap table.
In my experience covering the fintech infrastructure space, the companies that win aren’t the ones building the flashiest dashboards – they’re the ones building the boring, essential plumbing that every other company needs but doesn’t want to build themselves. Evervault fits that pattern perfectly. The fact that they’ve hit 4x revenue growth and are processing $5 billion in transaction volume with a relatively lean team tells me the product-market fit is real, not a fundraising narrative.
The explosion of agentic AI workflows means more sensitive data is being passed between more systems than ever, and most enterprises are still duct-taping together compliance solutions that were designed for a slower era. Evervault’s “encrypt-by-default” approach feels like the right architectural bet for a world where AI agents are autonomously moving payment data across borders and APIs.
