Mask with format and token

This technique masks data based on user-specified token types (e.g., Text token, Alphanumeric, Numeric Token etc.) as well as predefined formats (e.g., Phone, Email etc.).

Note: To send a request with the authentication token, include the following in headers:

Headers: {"Authorization": "Bearer <AUTH_TOKEN>"}


Request Method: PUT

Request Payload:

{"mask": [{ "value": “George Williams”,”token_name": "Numeric Token","format": "Person Name" }]}


{"data": [{"value": " George Williams “, "token_value”": “243 3466",” token_name": "Numeric Token “,"format": "Person Name" }]}

Response Parameters:

· value (string): Original sensitive data value.

· token_value (string): Generated token replacing the sensitive data.

· format (string): Predefined format of the sensitive data.


This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.

  1. Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.

  2. User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.

  3. Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.

  4. Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.

  5. Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.

Last updated