Getting Started
  • Protecto Overview
    • Introduction
      • Quickstart Guide
      • Protecto Vault
        • What is a token?
        • Token customization
        • Authentication
        • Tokenization APIs
          • Masking
            • Mask with token
            • Mask with format and token
            • Identify and mask (Auto-detect)
          • Unmasking
          • What happens if an API fails?
        • Asynchronous API's
        • Bulk data
      • Add new data source
        • Snowflake
          • Create and grant access to Protecto
          • Add Snowflake to Protecto
        • Salesforce
          • Create connected app and user
            • Steps to create connected app
            • Steps to create Protecto user
          • Add Salesforce to Protecto
        • Azure SQL
          • Connect using AD Application credentials
          • Connect using database user credentials
        • Databricks
          • Add Service principal (Azure AD Application) to Databricks
          • Steps to create Azure Databricks Cluster
          • Steps to create Databricks python notebook and schedule job
        • Redshift
          • Create and grant access to Protecto user
          • Add Redshift to Protecto
      • Protecto FAQ's
        • 1. What are the steps after we sign up for a Protecto account?
        • 2. Can I sign up for a free account? How long is the trial period?
        • 3. What is Protecto license key? How can I get a new license key?
        • 4. How do I extend the trial period?
        • 5. What is the Protecto pricing model?
        • 6. How do I cancel my account?
        • 7. How do I unsubscribe / opt-out from emails?
      • Compliance User Guide
        • Risk Identification: Key Definitions
        • Understanding Risks
          • Find assets with severe breach risk
          • Filter assets by breach risk level
          • Find assets with other privacy risks
        • Understanding Usage
          • Find the data assets that were accessed
          • Find the data assets that are not used
        • Add Tags & Classification
          • Add tags globally
          • Classify tags to the categories
          • Add tags with category to the data assets
          • Remove tags with category from the data assets
        • Governance
          • Find all data assets
          • Add/delete purposes
          • Assign data owner for a data asset
          • Add/delete consent, data subject type and location for a data asset
          • Add/update retention time for a data asset
          • Add/update minor data for a data asset
        • Generate Compliance Reports
          • ROPA (Records of Processing Activities)
          • DPIA (Data Protection Impact Assessment)
Powered by GitBook
On this page
  1. Protecto Overview
  2. Introduction
  3. Protecto Vault
  4. Tokenization APIs
  5. Masking

Mask with format and token

PreviousMask with tokenNextIdentify and mask (Auto-detect)

Last updated 1 year ago

This technique masks data based on user-specified token types (e.g., Text token, Alphanumeric, Numeric Token etc.) as well as predefined formats (e.g., Phone, Email etc.).

Note: To send a request with the authentication token, include the following in headers:

Headers: {"Authorization": "Bearer <AUTH_TOKEN>"}

Endpoint:

https://protecto.ai/api/vault/mask

Request Method: PUT

Request Payload:

{"mask": [{ "value": “George Williams”,”token_name": "Numeric Token","format": "Person Name" }]}

Response:

{"data": [{"value": " George Williams “, "token_value”": “243 3466",” token_name": "Numeric Token “,"format": "Person Name" }]}

Response Parameters:

· value (string): Original sensitive data value.

· token_value (string): Generated token replacing the sensitive data.

· format (string): Predefined format of the sensitive data.

Advantage:

This approach involves replacing sensitive information with tokens while adhering to specific formats that are relevant to the type of data.

  1. Context Preservation: By retaining certain parts of the format, users can still recognize the type of data (e.g. email address) even after masking.

  2. User Identification: Users can quickly identify the masked data (e.g. email address) due to the retained format elements.

  3. Data Security: Sensitive information, such as domain and top-level domain, is masked while allowing users to understand the context of the data.

  4. Usability: Masked data remains usable for identification and analysis purposes, even though specific sensitive details are protected.

  5. Regulatory Compliance: The approach helps organizations comply with data protection regulations while ensuring that users can identify the type of masked data.