Plans & Features
This page describes which features are available on each plan for SDK, MCP, and REST API.
Plan Overview
| Plan | Best for | Price (USD) | Price (JPY) | API calls/month |
|---|---|---|---|---|
| Free | Individuals & evaluation | $0 | ¥0 | 300 |
| Starter | Individual use (1 seat) | $19 / month | ¥2,980 / month (tax excl.) | 10,000 |
| Business | Teams up to 50 | $330 / month | ¥49,800 / month (tax excl.) | 300,000 |
| Enterprise | Large organizations & custom requirements | Contact us | Contact us | Unlimited |
API call limits
1 call = 1 endpoint invocation (mask / detect / restore / detectInjection etc. all count equally). Unused calls do not roll over. Business plans are charged ¥0.2 / 1,000 calls when the monthly limit is exceeded.
Annual billing — save 2 months
Annual plans: Starter $190/yr (¥29,800/yr) · Business $3,300/yr (¥498,000/yr).
MCP Server (@pii-firewall/mcp-server)
Tools available from Claude Desktop and AI agents.
| Tool | Description | Free | Starter | Business | Enterprise |
|---|---|---|---|---|---|
mask_pii | Detect, mask & tokenize PII | ✅ | ✅ | ✅ | ✅ |
restore_pii | Restore one token by ID | ✅ | ✅ | ✅ | ✅ |
detect_pii | Detect only (no masking) | ✅ | ✅ | ✅ | ✅ |
restore_all | Restore all tokens in text | ✅ | ✅ | ✅ | ✅ |
detect_injection | Prompt injection detection | ✅ | ✅ | ✅ | ✅ |
store_status | Check secret-share TTL status | ❌ | ✅ | ✅ | ✅ |
What can I do on Free?
The full mask → detect → restore workflow and injection detection are all available on Free, with no monthly caps.
Node.js SDK (@pii-firewall/sdk)
Coming soon
@pii-firewall/sdk is not yet published to npm. Apply for early access
| Feature | Description | Free | Starter | Business | Enterprise |
|---|---|---|---|---|---|
fw.mask(text) | Mask PII in text | ✅ | ✅ | ✅ | ✅ |
fw.maskMessages(messages) | Mask chat arrays (OpenAI/Anthropic format) | ✅ | ✅ | ✅ | ✅ |
fw.restore(id) | Restore one token | ✅ | ✅ | ✅ | ✅ |
fw.restoreAll(text) | Restore all tokens in text | ✅ | ✅ | ✅ | ✅ |
fw.detect(text) | Detect PII only | ✅ | ✅ | ✅ | ✅ |
fw.detectInjection(text) | Prompt injection detection | ✅ | ✅ | ✅ | ✅ |
fw.detectAllInjections(text) | SQL + prompt composite injection detection | ✅ | ✅ | ✅ | ✅ |
fw.detectSQLInjection(text) | SQL injection detection | ✅ | ✅ | ✅ | ✅ |
| PII types | Built-in detection types | 24 types | 24 + custom | 24 + custom | 24 + custom |
lang option | JA / EN mode switching | ✅ | ✅ | ✅ | ✅ |
| Cryptography | Engine | Basic | Advanced | Advanced | Advanced |
Differential privacy (dpMode) | Numeric noise injection | ❌ | ❌ | ✅ | ✅ |
| Custom PII rules | Industry-specific patterns | ❌ | ✅ | ✅ | ✅ |
| Express middleware | createExpressMiddleware | ✅ | ✅ | ✅ | ✅ |
| Hono middleware | createHonoMiddleware | ✅ | ✅ | ✅ | ✅ |
SDK runs locally
The SDK and MCP run @pii-firewall/core locally. Core functions (mask, restore, detect) work without a network connection — your data never leaves your device.
REST API (proxy)
| Endpoint | Description | Free | Starter | Business | Enterprise |
|---|---|---|---|---|---|
POST /chat | PII-protected AI chat | ✅ | ✅ | ✅ | ✅ |
POST /mask | Mask text | ✅ | ✅ | ✅ | ✅ |
POST /restore | Restore token | ✅ | ✅ | ✅ | ✅ |
POST /detect | Detect PII only | ✅ | ✅ | ✅ | ✅ |
POST /detect-injection | Prompt injection detection | ✅ | ✅ | ✅ | ✅ |
POST /detect-all-injections | SQL + prompt composite injection detection | ✅ | ✅ | ✅ | ✅ |
POST /detect-sql-injection | SQL injection detection | ✅ | ✅ | ✅ | ✅ |
POST /upload | File conversion (Excel, PDF, etc.) | ❌ | ✅ | ✅ | ✅ |
POST /chat-multi | Multi-AI provider | ❌ | ✅ | ✅ | ✅ |
| Custom PII rules | Industry-specific patterns | ❌ | ✅ | ✅ | ✅ |
| Vault (cloud-managed restore keys) | Cloud key management | ❌ | ❌ | ✅ | ✅ |
| Differential privacy | dpMode: true | ❌ | ❌ | ✅ | ✅ |
SLA & Support
| Plan | SLA | Support | Team invites |
|---|---|---|---|
| Free | None | None | ❌ |
| Starter | None | ❌ (1 seat) | |
| Business | 99.5% | Priority email | ✅ (up to 50) |
| Enterprise | Custom | Dedicated manager | ✅ (unlimited) |
FAQ
Q: Are all 24 PII types available on Free?
Yes. All 24 built-in types — names, email addresses, phone numbers, My Number, credit cards, and more — are available on Free. Custom rules (industry-specific patterns) require Starter or above.
Q: Is there a limit on injection detection calls?
No. detect_injection, detect_all_injections (SQL + prompt composite), and detect_sql_injection are all unlimited on every plan.
Q: Does the SDK require an API key?
Local PII masking, restoration, and detection (core functions) work without an API key. Cloud API features (/chat, /upload, etc.) require an API key.
Q: Where can I check my monthly call count?
Log in to the Developer Console and check the 🔑 API Keys panel for this month's usage.
Q: What's included in Enterprise?
Custom SLA, a dedicated account manager, unlimited usage, and custom PII rules — tailored to your requirements. Contact us to get started.