Bluefin’s ShieldConex® is a cloud-based tokenization and encryption platform that captures and secures sensitive data fields upon entry and at rest. It enables users to enter sensitive data online through Bluefin’s secure iFrame technology – bypassing an organization’s servers and reducing PCI scope, while adhering to privacy standards. ShieldConex is also one of the only data security solutions that can support both Format Preserving Tokenization (FPT) and Format Preserving Encryption (FPE).
ShieldConex removes credit and debit card information from your system and networks, which can reduce your PCI compliance scope up to 90% to a Self-Assessment Questionnaire ASelf-Assessment Questionnaire A - SAQ A was developed by the PCI Security Standards Council to address requirements applicable to merchants whose cardholder data functions are completely outsourced to validated third parties, where the merchant retains only paper reports or receipts with cardholder data. SAQ A merchants may be either e-commerce or mail/telephone-order merchants (card-not-present), and do not store, process, or transmit any cardholder data in electronic format on their systems or premises. For more information, please visit https://www.pcisecuritystandards.org/documents/SAQ_A_v3.pdf.
ShieldConex meets international and U.S. data privacy regulations by pseudonymizingpseudonymizing - Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing., or “masking,” data at the point of entry.
ShieldConex addresses NACHANACHA - Previously known as the National Automated Clearinghouse Association, NACHA is a non-profit association that is funded by the financial institutions that use its network. NACHA and the Interactive Financial eXchange (IFX) Forum merged in 2018, an international industry association that develops specifications for financial data systems. rules for the protection of Account Data and Account Numbers not only in storage, but also upon entry into online web forms
Before you dive in, there are a few things you should know.
Any language that can make a Rest API request in JSON can write to ShieldConex. All of our sample requests are in Node.js.
Detokenization will always be performed via API so that you can isolate code changes within your Data Access Layer, but there are 2 ways for you to implement tokenization with ShieldConex. Like detokenization, you can perform tokenization using only the API, but we also provide a path using the Secure iFrame. This way, you don't have to worry about protecting data from the points of entry to tokenization – we host the data intake and you fetch the resulting tokens from us via API. For more information, take a look at the iFrame Tokenization guide and the API Authentication.
Regardless of your implementation method, you'll need to implement API authentication. We've put together an Authentication Guide outlining exactly how to set it up so you can start making secure calls with very little time or effort.
Updated 3 months ago
In this guide, we'll explain how to setup API authentication, tokenize data, and retrieve tokenized data. If you're just getting started, check out our authentication guide first.