Updated on January 10, 2025

Mask with format and token

This technique masks data based on user-specified token types (e.g., Text token,Numeric Token etc.) .as well as predefined formats (e.g., Phone, Email etc.).

Endpoint and Authentication: #

To use Protecto.ai’s token-based masking, you need to send a PUT request to the following endpoint:

METHOD: PUT

Endpoint: https://trial.protecto.ai/api/vault/mask

For authentication, include the following token in the request headers:

Headers: {“Authorization”: “Bearer <AUTH_TOKEN>”}

Request Payload: #

Here’s an example of a request payload to mask sensitive data:

Request Payload:
{
    "mask": [
        {
            "value": "https://platform.openai.com/playground/chat?models=gpt-4o",
            "format": "URL",
            "attributes":"Name",
            "token_name":"Text token"
        },
        {
            "value": "123/899 - Main Street, Anytown, USA-12345",
            "format": "Address",
            "attributes":"Name",
            "token_name":"Text token"
        },
        {
            "value": "(408)- 426 - 9989",
            "format": "Phone Number",
            "attributes":"Name",
            "token_name":"Numeric token"
        },
        {
            "value": "kumar@fss.com",
            "format": "Email address",
            "attributes":"Name",
            "token_name":"Text token"
        },
        {
            "value": "kumar@ss.fss.com",
            "format": "Email address",
            "attributes":"Name",
            "token_name":"Text token"
        }
    ]
}

Parameters for the Request Payload:

  • value (string): The sensitive data value to be masked.
  • token_name (string): The token to be used for masking the sensitive data.
  • format (string): Predefined format of the sensitive data.
Response :
Upon successful masking, you will receive a response with the masked data. Here’s an example of a response:
{
    "data": [
        {
            "value": "https://platform.openai.com/playground/chat?models=gpt-4o",
            "format": "Url",
            "attributes": "Name",
            "token_name": "Text Token",
            "token_value": "pqcqu://PWpdiwpv.l4W8iS.386MM/NRe7Kxyufv/QkE2L?upwoNa=gIXJrV"
        },
        {
            "value": "123/899 - Main Street, Anytown, USA-12345",
            "format": "Address",
            "attributes": "Name",
            "token_name": "Text Token",
            "token_value": "2OHfs/kLRzM - qnfAL wDCEA3, hWjC13c, pYmVh-I7AIg"
        },
        {
            "value": "(408)- 426 - 9989",
            "format": "Phone Number",
            "attributes": "Name",
            "token_name": "Numeric Token",
            "token_value": "(07432)- 29915 - 56713"
        },
        {
            "value": "kumar@fss.com",
            "format": "Email Address",
            "attributes": "Name",
            "token_name": "Text Token",
            "token_value": "LEFQS@WJoZudg"
        },
        {
            "value": "kumar@ss.fss.com",
            "format": "Email Address",
            "attributes": "Name",
            "token_name": "Text Token",
            "token_value": "LEFQS@cTdqGVB2Ay"
        }
    ],
    "success": true,
    "error": {
        "message": ""
    }
}
 Response Parameters
  • value (string): Original sensitive data value.
  • token_value (string): Generated token replacing the sensitive data.
  • format (string): Predefined format of the sensitive data.
Advantage :
This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.
  1. Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.
  2. User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.
  3. Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.
  4. Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.
  5. Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.

What are your feelings

© All Rights Reserved 2023 | Protecto

Scroll to Top