Tokenization Explained

Learn more about Bluefin's Vault-less Tokenization Solution – ShieldConex

Bluefin’s ShieldConex® is a cloud-based tokenization and encryption platform that captures and secures sensitive data fields upon entry and at rest. It enables users to enter sensitive data online through Bluefin’s secure iFrame technology – bypassing an organization’s servers and reducing PCI scope, while adhering to privacy standards. ShieldConex is also one of the only data security solutions that can support both Format Preserving Tokenization (FPT) and Format Preserving Encryption (FPE).

If you're looking for help or information regarding the ShieldConex portal, please see our User Guide.

What is Tokenization?

Tokenization refers to technology that replaces data with a substitute. In the context of data, a token usually a non-sensitive representation of data element. Once made, tokens can be used to access the unique data they're associated with. That’s why it’s a popular compliance and security solution. You give your tokenization provider anything that might be subject to security regulations, and they give you tokens. You store those tokens in place of the original data. Since tokens are not subject to the same regulations, you’ve effectively offloaded this responsibility to a trusted 3rd party.

ShieldConex uses a system called vaultless tokenization. As scale grows and rules governing businesses become more complex, there is an increasing market for a stateless solution. We needed a solution that allowed providers to desensitize the data instead of just giving it a pseudonym in the form of a randomly generated token. Vaultless tokenization was eventually developed to solve those problems. Unlike vaulted tokenization, it’s an algorithmic solution, but what makes it secure is that no single entity maintains all of the components necessary to reverse-engineer the data. Since there is no cleartext data to maintain, there isn’t an enormous vault that has to be replicated across locations, so latency is vastly reduced.

The Benefits of ShieldConex

Reduce PCI Scope

ShieldConex removes credit and debit card information from your system and networks, which can reduce your PCI compliance scope up to 90% to a Self-Assessment Questionnaire A

Address Data Privacy Regulations

ShieldConex meets international and U.S. data privacy regulations by pseudonymizing, or “masking,” data at the point of entry.

ShieldConex also offers enhanced GDPR compliance support with new irreversible tokenization, timed token activation, and timed token deactivation. This provides better compliance with GDPR regulations by ensuring sensitive data is handled appropriately. More on this feature here: Irreversible Tokenization and Time-Boxed Detokenization

Meet NACHA Rules

ShieldConex addresses NACHA rules for the protection of Account Data and Account Numbers not only in storage, but also upon entry into online web forms


What’s Next

In this guide, we'll explain how to setup API authentication, tokenize data, and retrieve tokenized data. If you're just getting started, check out our authentication guide first.