Updated on December 21, 2023

Mask with format and token

This technique masks data based on user-specified token types (e.g., Text token, Alphanumeric, Numeric Token etc.) as well as predefined formats (e.g., Phone, Email etc.).

Endpoint and Authentication:

To use Protecto.ai’s token-based masking, you need to send a PUT request to the following endpoint:

Endpoint: https://trial.protecto.ai/api/vault/mask

For authentication, include the following token in the request headers:

Headers: {“Authorization”: “Bearer <AUTH_TOKEN>”}

Request Payload:

Here’s an example of a request payload to mask sensitive data:

Request Payload:
{"mask": [{ "value": "George Williams", "token_name": "Numeric Token","format": "Person Name" }]}

Parameters for the Request Payload:

  • value (string): The sensitive data value to be masked.
  • token_name (string): The token to be used for masking the sensitive data.
  • format (string): Predefined format of the sensitive data.
Response :
Upon successful masking, you will receive a response with the masked data. Here’s an example of a response:
    "data": [
            "value": "George Williams",
            "token_value": "076772153218853",
            "token_name": "Numeric Token",
            "format": "Person Name"
    "success": true,
    "error": {
        "message": ""
 Response Parameters
  • value (string): Original sensitive data value.
  • token_value (string): Generated token replacing the sensitive data.
  • format (string): Predefined format of the sensitive data.
Advantage :
This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.
  1. Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.
  2. User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.
  3. Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.
  4. Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.
  5. Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.

What are your feelings?
Scroll to Top