Tokenization Explained

Learn more about Bluefin's Vault-less Tokenization Solution – ShieldConex

Bluefin’s ShieldConex® is a cloud-based tokenization and encryption platform that captures and secures sensitive data fields upon entry and at rest. It enables users to enter sensitive data online through Bluefin’s secure iFrame technology – bypassing an organization’s servers and reducing PCI scope, while adhering to privacy standards. ShieldConex is also one of the only data security solutions that can support both Format Preserving Tokenization (FPT) and Format Preserving Encryption (FPE).

If you're looking for help or information regarding the ShieldConex portal, please see our User Guide.

What is Tokenization?

Tokenization refers to technology that replaces data with a substitute. In the context of data, a token usually a non-sensitive representation of data element. Once made, tokens can be used to access the unique data they're associated with. That’s why it’s a popular compliance and security solution. You give your tokenization provider anything that might be subject to security regulations, and they give you tokens. You store those tokens in place of the original data. Since tokens are not subject to the same regulations, you’ve effectively offloaded this responsibility to a trusted 3rd party.

ShieldConex uses a system called vaultless tokenization. As scale grows and rules governing businesses become more complex, there is an increasing market for a stateless solution. We needed a solution that allowed providers to desensitize the data instead of just giving it a pseudonym in the form of a randomly generated token. Vaultless tokenization was eventually developed to solve those problems. Unlike vaulted tokenization, it’s an algorithmic solution, but what makes it secure is that no single entity maintains all of the components necessary to reverse-engineer the data. Since there is no cleartext data to maintain, there isn’t an enormous vault that has to be replicated across locations, so latency is vastly reduced.

The Benefits of ShieldConex

Reduce PCI Scope

ShieldConex removes credit and debit card information from your system and networks, which can reduce your PCI compliance scope up to 90% to a Self-Assessment Questionnaire ASelf-Assessment Questionnaire A - SAQ A was developed by the PCI Security Standards Council to address requirements applicable to merchants whose cardholder data functions are completely outsourced to validated third parties, where the merchant retains only paper reports or receipts with cardholder data. SAQ A merchants may be either e-commerce or mail/telephone-order merchants (card-not-present), and do not store, process, or transmit any cardholder data in electronic format on their systems or premises. For more information, please visit

Address Data Privacy Regulations

ShieldConex meets international and U.S. data privacy regulations by pseudonymizingpseudonymizing - Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing., or “masking,” data at the point of entry.

Meet Nacha Rules

ShieldConex addresses NACHANACHA - Previously known as the National Automated Clearinghouse Association, NACHA is a non-profit association that is funded by the financial institutions that use its network. NACHA and the Interactive Financial eXchange (IFX) Forum merged in 2018, an international industry association that develops specifications for financial data systems. rules for the protection of Account Data and Account Numbers not only in storage, but also upon entry into online web forms

Did this page help you?