Pop Hasta Labs Logo
Product Guide · · 8 min read

Bring Your Own Keys: How BYOK Works in Other Me

AS

Founder & CEO, Pop Hasta Labs

In this article

  1. What Is BYOK?
  2. Why BYOK Matters
  3. BYOK for AI Models: How It Works
  4. BYOK for Encryption: Customer-Managed Keys
  5. Supported AI Providers
  6. How We Protect Your Keys
  7. Getting Started

When you use most AI platforms, your data flows through the provider's infrastructure. They hold the keys. They choose the AI models. They set the pricing. You have to trust that they are handling everything correctly.

BYOK — Bring Your Own Keys — flips that model. You stay in control. And in Other Me, BYOK applies to two separate but equally important things: your AI model keys and your encryption keys.

This guide explains both in plain English.

What Is BYOK?

BYOK means you use your own credentials rather than relying on a third party's. In the context of an AI platform like Other Me, there are two types of keys:

  • AI model API keys: These are the keys you get directly from AI providers like OpenAI, Anthropic, or Google. When you bring your own, your AI requests go straight to the provider under your account — not ours.
  • Encryption keys: These are the cryptographic keys used to encrypt your data at rest. When you bring your own encryption keys, even we cannot read your stored data without your permission.

Both types of BYOK are supported in Other Me. Let us look at each one in detail.

Why BYOK Matters

BYOK is not just a technical feature. It solves three real problems that organisations face when adopting AI.

1. Your Data Stays Under Your Control

Without BYOK, your AI queries and documents pass through the platform provider's API keys. That means the platform provider has a relationship with the AI model provider on your behalf. With BYOK, you have a direct relationship with the AI provider. Your data, your terms, your data processing agreement.

2. You Choose Which AI Models to Use

Different tasks need different models. A quick internal summary might work well with a fast, cost-effective model. A complex legal analysis might need the most capable model available. BYOK gives you the freedom to connect multiple AI providers and choose the right model for each job.

3. Costs Are Fully Transparent

When a platform uses its own API keys, AI usage costs are bundled into your subscription. You cannot see what you are actually spending on AI compute. With BYOK, you see every penny on your own AI provider dashboard. No hidden markups. No surprise bills.

In short: BYOK means no middleman between you and your AI providers. Direct relationship. Direct billing. Direct control.

BYOK for AI Models: How It Works

Setting up BYOK for AI models in Other Me takes about two minutes. Here is the process:

Step 1: Get your API key. Sign up with the AI provider of your choice (such as OpenAI, Anthropic, or Google) and generate an API key from their dashboard.

Step 2: Enter your key in Other Me. Go to the settings page in Other Me and paste your API key into the relevant provider field. You can add keys for as many providers as you like.

Step 3: Choose your default model. Select which AI model you want to use as your default. You can change this at any time and can select different models for different tasks.

Step 4: Start using AI. That is it. Every AI request now goes directly from Other Me to the AI provider using your key. Your prompts and responses are governed by your agreement with that provider, not ours.

2 min Typical time to set up BYOK in Other Me

What Happens After You Enter a Key

Once you submit your API key, it is immediately encrypted using AES-256-GCM — the same encryption standard used by banks and government agencies. The plaintext key is never stored. After entry, the key is never visible again in the interface. You will see a masked version (e.g., sk-****7xB2) to confirm which key is active, but the full key cannot be retrieved.

If you need to change a key, you simply enter a new one. The old key is overwritten and cannot be recovered from our systems.

BYOK for Encryption: Customer-Managed Keys

BYOK for encryption is a separate feature that gives you control over how your data is encrypted at rest within Other Me.

By default, all data in Other Me is encrypted using platform-managed encryption keys. This is already a strong security baseline. But for organisations that need maximum control — particularly in regulated industries like financial services and legal — customer-managed encryption keys (CMEK) offer an additional layer.

With CMEK:

  • You generate and manage the master encryption key. This key is used to encrypt the data encryption keys that protect your stored information.
  • You can revoke access at any time. If you rotate or disable your master key, your data becomes unreadable — even to us.
  • You maintain a complete audit trail of every time your encryption key is used.

The difference: BYOK for AI models controls who processes your queries. BYOK for encryption controls who can read your stored data. Together, they give you end-to-end control over your information.

Supported AI Providers

Other Me supports BYOK with multiple AI providers. You can connect one or several, and switch between them at any time.

Currently supported providers include:

  • OpenAI — GPT-4o, GPT-4, and other available models
  • Anthropic — Claude models
  • Google — Gemini models
  • xAI — Grok models
  • Any other OpenAI-compatible provider — If a provider offers an OpenAI-compatible API, you can connect it

This means you are never locked into a single AI vendor. If a new provider launches a better model tomorrow, you can add their key and start using it immediately. No waiting for us to add support. No migration projects.

Multiple AI providers supported — connect as many as you need

How We Protect Your Keys

Handling API keys and encryption keys demands the highest level of security. Here is exactly how Other Me protects them:

  • AES-256-GCM encryption: All keys are encrypted at rest using AES-256-GCM, a symmetric encryption algorithm that provides both confidentiality and integrity verification.
  • Keys are never logged: API keys do not appear in application logs, error reports, or analytics. They are treated as the most sensitive category of data in our system.
  • Keys are never visible after entry: Once you submit a key, the full value cannot be viewed again — not by you, not by our team, not by our support staff.
  • Keys are transmitted over TLS 1.3: All communication between your browser and Other Me is encrypted in transit using TLS 1.3.
  • Minimal access principle: Keys are only decrypted at the moment of use — when an AI request needs to be sent to the provider. They are held in memory for the shortest possible time.

Getting Started

BYOK is available on all Other Me plans:

  • Pro (£24/month): Full BYOK for AI models and encryption keys. Ideal for individual professionals and small teams.
  • Member (£15/month per user): BYOK with team-level key management. Each team member can use the organisation's shared keys or their own.
  • Enterprise (custom pricing): Advanced CMEK integration, dedicated key management support, and custom provider configurations.

BYOK is not an add-on in Other Me. It is how the platform works. Every plan includes it because we believe you should always control your own keys.

To set up BYOK, sign in to Other Me, navigate to Settings, and add your first API key. You will be up and running in minutes — with full control over which AI models process your data and how your information is encrypted.

No middlemen. No hidden costs. Your keys, your control.

AS

Abhishek Sharma

Founder & CEO of Pop Hasta Labs. Building Other Me — the governed AI platform with patent-pending security architecture. Based in London.

Related articles

Enterprise

CISO Guide to AI Governance Tools

What security leaders need to evaluate when choosing an AI governance platform.

 Security

How Other Me Handles PII

A technical look at how personal data is protected throughout the platform.

Try Other Me free for 7 days

AI assistants with governance built-in. No credit card required.

Start 7-day free trial
← Back to all articles