top of page
1280px-Thales_Logo.svg.png

ENCRYPTION SOLUTION

THALES SAFENET TOKENIZATION

image-asset (1).png

SafeNet Tokenization protects sensitive information by replacing it with a surrogate value that preserves the length and format of the data. The solution tokenizes numeric and alphanumeric data and returns tokens in an unlimited number of formats.

SafeNet Tokenization is used to address a wide range of use cases, including:

  • Securing primary account numbers to achieve PCI DSS compliance

  • Protecting personally identifiable information (PII) and other sensitive data

  • Big data protection

  • Scenarios that require static data masking or the exposure of production databases to non-production environments, such as testing, development, staging, research, and more.

SafeNet Tokenization can be deployed across on-premises, virtual, public cloud, and hybrid environments.

Additional SafeNet Tokenization Highlights:

  • Deployed with SafeNet KeySecure, a FIPS 140-2 up to Level 3 validated enterprise key manager, for centralized administration of all keys and policies

  • Granular access controls to ensure only authorized users or applications can view protected tokens and data

  • Unlimited data type support enables tokenization of primary account numbers (PAN), as well as other data types (PCI, PII, PHI, etc.) in any environment including payment systems and big data environments

  • Broad token format support, including regular expressions and customized formats

  • No changes required to applications, databases, or legacy systems with Format Preserving Tokenization (FPT)

  • Fast and easy deployment with web services (SOAP and REST/JSON), as well as the ability to leverage bulk tokenization and batch APIs

  • Built-in, automated key rotation and data re-keying

  • Track user access to tokens and protected data with comprehensive logging and auditing capabilities

Address a variety of use cases and data protection needs

  • Protect personally identifiable information

  • Protect data in the cloud

  • Meet compliance and regulatory mandates, including PCI DSS

  • Secure financial data

  • Secure big data implementations

  • And more

SAFENET TOKENIZATION FEATURES:

image-asset.jpeg

  • Apply transparent and secure application-level tokenization to structured sensitive data across on-premises, virtual, public cloud, and hybrid cloud environments

  • Works with SafeNet KeySecure to provide centralized administration of all keys and policies

  • Granular access controls to ensure only authorized users or applications can view protected tokens and data

  • Unlimited data type support enables tokenization of primary account numbers (PAN), as well as other data types (PCI, PII, PHI, etc.) in any environment including payment systems and big data environments

  • Broad token format support, including regular expressions and customized formats

  • No changes required to applications, databases, or legacy systems with Format Preserving Tokenization (FPT)

  • Fast and easy deployment with web services (SOAP and REST/JSON), as well as the ability to leverage bulk tokenization and batch APIs

  • Built-in, automated key rotation and data re-keying

  • Track user access to tokens and protected data with comprehensive logging and auditing capabilities

SAFENET TOKENIZATION: TECHNICAL SPECIFICATIONS

Format Preserving Tokenization

  • Complies with PCI Tokenization Guidelines for token identification via token masking and Luhn algorithm pass/fail checks

  • Supports multiple tokens vaults

  • Highly scalable - can generate and retrieve millions of tokens/per day for best performance

Supported Tokens Vault Databases

  • Microsoft SQL Server

  • Oracle

  • MySQL

Note: all tokenization forms are supported on all databases as long as the vault itself is on Microsoft SQL Server, MySQL or Oracle

Supported APIs

  • Web services: SOAP, REST/JSON

  • Java

  • .NET

Enhanced event logging and monitoring functionality

  • Complies with PCI tokenization manager event monitoring specifications

  • Supports SNMP for online monitoring and alerting

Token Formats

  • Random or Sequential token generation

  • Masked: Last four, First six, First two, etc.

  • Fixed length and width masking

  • Customer defined custom formats

  • Cryptographic hash functions, including SHA2-256,SHA2-284, SHA2-512, and Base16/Base64

  • Regular expressions (Java style)

bottom of page