This technique masks data based on user-specified token types (e.g., Text token,Numeric Token etc.) .as well as predefined formats (e.g., Phone, Email etc.).
Note: Check our supporting format
Endpoint and Authentication: #
To use Protecto.ai’s token-based masking, you need to send a PUT request to the following endpoint:
METHOD: PUT
Route: api/vault/mask
For authentication, include the following token in the request headers:
Headers: {“Authorization”: “Bearer <AUTH_TOKEN>”}
Note: To obtain the <auth token>, please refer to the Step-by-Step Guide to Obtain Your Auth Token.
Request Payload: #
Here’s an example of a request payload to mask sensitive data:
Request Payload:
{
"mask": [
{
"value": "https://platform.openai.com/playground/chat?models=gpt-4o",
"format": "URL",
"token_name":"Text token"
},
{
"value": "123/899 - Main Street, Anytown, USA-12345",
"format": "Address",
"token_name":"Text token"
},
{
"value": "(408)- 426 - 9989",
"format": "Phone Number",
"token_name":"Numeric token"
},
{
"value": "kumar@fss.com",
"format": "Email address",
"token_name":"Text token"
},
{
"value": "kumar@ss.fss.com",
"format": "Email address",
"token_name":"Text token"
}
]
}
Parameters for the Request Payload:
- value (string): The sensitive data value to be masked.
- token_name (string): The token to be used for masking the sensitive data.
- format (string): Predefined format of the sensitive data.
Response :
Upon successful masking, you will receive a response with the masked data. Here’s an example of a response:
Response Parameters
{
"data": [
{
"value": "https://platform.openai.com/playground/chat?models=gpt-4o",
"format": "URL",
"token_name": "Text token",
"token_value": "r0bdA://T6RibV8u.xfN6s8.NTr/AIUQHZV5NB/Yp46?18NnDq=of0YY6"
},
{
"value": "123/899 - Main Street, Anytown, USA-12345",
"format": "Address",
"token_name": "Text token",
"token_value": "YrX/pO9 - WLMD XtQKHE, D3sOjxG, lia-cNZE8"
},
{
"value": "(408)- 426 - 9989",
"format": "Phone Number",
"token_name": "Numeric token",
"token_value": "(916)- 670 - 4991"
},
{
"value": "kumar@fss.com",
"format": "Email address",
"token_name": "Text token",
"token_value": "3ikKb@zT87FcH"
},
{
"value": "kumar@ss.fss.com",
"format": "Email address",
"token_name": "Text token",
"token_value": "3ikKb@Q9ZMI5BsXb"
}
],
"success": true,
"error": {
"message": ""
}
}
- value (string): Original sensitive data value.
- token_value (string): Generated token replacing the sensitive data.
- format (string): Predefined format of the sensitive data.
Advantage :
This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.
- Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.
- User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.
- Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.
- Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.
- Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.
