Bluefin cut its teeth developing point-to-point encryption to protect sensitive payment information from being intercepted by thieves during the transaction process, and now it’s adding tokenization protection for the consumer data merchants keep.
The service — timed to capitalize on the
Atlanta-based Bluefin’s ShieldConex immediately tokenizes PII, personal health information and card data as it’s gathered through online forms and converts it to a token to disguise all or part of the information so it’s useless to hackers, according to the release.
Tokenization to protect data at rest is not a new concept, but Bluefin is touting a two-way tokenization process bypassing merchants’ need to directly handle customer data.
“What makes this system unique is the fact that we will collect the information on behalf of the client first, and then perform format-preserving tokenization or format-preserving encryption so the client never touches the sensitive data on their web property and the partner gets back a vaultless token for storage,” Ruston Miles, Bluefin’s chief strategy officer, said in the release
A major airline is testing the service, Bluefin noted in the release.