Many of Orchstra's customers are service provides themselves who have integrated our APIs into their own product and then offer it to their customers as their own.
In order to process charge requests on behalf of their customer, the service provider would need to store the merchant credentials of the customer to the chosen payment processor(s). While this information does not fall under any compliance regulation, it is somewhat sensitive data and should be secured and guarded properly.

In an effort to offset the security requirements of our customers (the service providers), we have created the Payment Gateway Account system. With it, customers can store, within our secure vault, the merchant account details of their customers for all the payment processors that their customers need to use.
Once stored, these credentials can then be referenced within the Universal Payment Gateway action that is needed to be performed for this customer.