Overview

Bluefin’s U.S. patented, cloud-based data security platform, ShieldConex®, utilizes both hardware-based encryption and vaultless tokenization technology to help organizations meet payment data security compliance standards and keep customer payment data out of hackers’ reach.

ShieldConex immediately masks sensitive data with randomly generated characters or “tokens” upon entry through Bluefin’s iFrame or APIs, ensuring that it never travels through a system or network as clear text, where it could be accessible in the event of a data breach. By using this kind of tokenization to hide sensitive data, ShieldConex helps organizations across retail, healthcare, government and higher education, among other industries, protect customers’ data at all times – whether that be mid-transaction, at rest or actively in use. The platform secures all types of sensitive data including personally identifiable information (PII) and payment data entered online.

Similar offerings often opt for a “token vault” approach to payment protection. This means that their databases will link the randomly-generated characters to a centralized vault that contains all customers’ sensitive information in one location. Housing all customer data in a single, shared vault can cause latency when looking to retrieve that data later on. Unlike other offerings, ShieldConex can be implemented using an API and through a Bluefin-hosted iFrame that offers an extra layer of protection since the data never leaves Bluefin’s trusted environment. This also means companies won’t be bogged down by time-consuming on-premise implementation timelines.

Additionally, implementing tokenization helps companies comply with data security compliance standards, such as GDPR, CCPA, and PCI, since tokenization can simplify systems – meaning fewer components need to be compliant. Today, it is not a matter of ‘if’, but a matter of ‘when’ companies are attacked and devaluing online data through tokenization is critical to keeping it secure from bad actors.