Bluefin adds tokenization service to protect PII, account details

Register now

Bluefin cut its teeth developing point-to-point encryption to protect sensitive payment information from being intercepted by thieves during the transaction process, and now it’s adding tokenization protection for the consumer data merchants keep.

The service — timed to capitalize on the recent spate of major data breaches — preserves the look and feel of the way the way the information was input originally so it may be recreated or accessed with little impact to existing business processes, using secure payment frames, Bluefin said a press release Wednesday.

Atlanta-based Bluefin’s ShieldConex immediately tokenizes PII, personal health information and card data as it’s gathered through online forms and converts it to a token to disguise all or part of the information so it’s useless to hackers, according to the release.

Tokenization to protect data at rest is not a new concept, but Bluefin is touting a two-way tokenization process bypassing merchants’ need to directly handle customer data.

“What makes this system unique is the fact that we will collect the information on behalf of the client first, and then perform format-preserving tokenization or format-preserving encryption so the client never touches the sensitive data on their web property and the partner gets back a vaultless token for storage,” Ruston Miles, Bluefin’s chief strategy officer, said in the release

A major airline is testing the service, Bluefin noted in the release.

For reprint and licensing requests for this article, click here.
Tokenization Personally identifiable information Payment processing