TravelPassGroup.com achieved PCI compliance with GraphQL and WunderGraph Cosmo by utilizing a self-hosted router, which allowed them to control their data and ensure scalability according to their requirements. This setup enabled them to contain sensitive data within their federated graph while selectively determining which graphs were available to different groups, such as app developers. By using namespaces and label matchers, they could expose certain graphs to customers without exposing sensitive data. The migration from Apollo to Cosmo was relatively quick, taking only a day, due to the resemblance between the two products and minimal disruption caused by a reduced learning curve. WunderGraph Cosmo provides a secure environment for PCI compliance while giving control over traffic, making it an ideal solution for companies like TravelPassGroup.com that require data sovereignty and regulatory requirements such as GDPR and HIPAA.