This technique masks data based on user-specified token types (e.g., Text token, Alphanumeric, Numeric Token etc.) as well as predefined formats (e.g., Phone, Email etc.).
Endpoint and Authentication:
To use Protecto.ai’s token-based masking, you need to send a PUT request to the following endpoint:
Endpoint: https://trial.protecto.ai/api/vault/mask
For authentication, include the following token in the request headers:
Headers: {“Authorization”: “Bearer <AUTH_TOKEN>”}
Request Payload:
Here’s an example of a request payload to mask sensitive data:
Request Payload:
{"mask": [{ "value": "George Williams", "token_name": "Numeric Token","format": "Person Name" }]}
Parameters for the Request Payload:
- value (string): The sensitive data value to be masked.
- token_name (string): The token to be used for masking the sensitive data.
- format (string): Predefined format of the sensitive data.
Response :
Upon successful masking, you will receive a response with the masked data. Here’s an example of a response:
{
"data": [
{
"value": "George Williams",
"token_value": "076772153218853",
"token_name": "Numeric Token",
"format": "Person Name"
}
],
"success": true,
"error": {
"message": ""
}
}
Response Parameters
- value (string): Original sensitive data value.
- token_value (string): Generated token replacing the sensitive data.
- format (string): Predefined format of the sensitive data.
Advantage :
This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.
- Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.
- User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.
- Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.
- Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.
- Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.
