A firm specializing in background and credit checks maintains multiple pieces of Personally Identifiable Information (PII), including social security numbers, credit card account numbers, birthdates, maiden names, etc.
Goal
Remove PII data stored on the firm’s servers with only minor changes to their legacy application. The firm was already PCI compliant and wanted to reduce the amount of sensitive data stored locally.
Solution
The firm modified their legacy application to use the AuricVault® service to tokenize and detokenize specific data fields. This change allowed the client to maintain their existing legacy system while reducing the amount of PCI and PII data stored on their servers.
- All Personally Identifiable Information (PII) is tokenized: social security numbers, credit card account numbers, birthdates, maiden names, etc.
- The sensitive information is tokenized during data entry using Browser-Side Tokenization, which tokenizes it securely in the browser.
- The sensitive information is retrieved in the browser using Browser-Side Detokenization.
- All Personally Identifiable Information was removed from the firm’s servers.
- Tokenization required only minor changes to the firm’s legacy application.
Data Flow

Background checks storing Personally Identifiable Information.
- Agents collect Personally Identifiable Information (PII) on a web page that submits that information to the Web Application.
- The Web Application sends the individual pieces of PII to the AuricVault® service and receives back tokens.
- When the data needs to be reviewed, the Web Application sends the token to the AuricVault® service and receives back the original PII data, which is then displayed for another agent.
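The data flow above, sketched as an added example (not the firm's code and not the AuricVault® API): `StandInVault` is a hypothetical in-memory stand-in for the external vault, and the field names and sample record are constructed. It shows that the record the web application keeps locally holds only tokens, and that review detokenizes on demand.

```python
import secrets

# Assumed field names for the PII the page lists (hypothetical schema).
PII_FIELDS = ("ssn", "card_number", "birthdate", "maiden_name")

# Constructed sample submission; none of these values are real.
SUBMITTED = {
    "case_id": "C-1001",
    "ssn": "000-12-3456",
    "card_number": "4111111111111111",
    "birthdate": "1980-01-31",
    "maiden_name": "Doe Example",
}


class StandInVault:
    """Hypothetical in-memory stand-in for an external token vault."""

    def __init__(self):
        self._store = {}  # token -> plaintext, held only on the vault side

    def tokenize(self, plaintext):
        # Random token: it carries no information about the plaintext.
        token = "tok_" + secrets.token_urlsafe(16)
        self._store[token] = plaintext
        return token

    def detokenize(self, token):
        # Fail closed on tokens the vault never issued.
        if token not in self._store:
            raise KeyError("unknown token")
        return self._store[token]


def tokenize_record(vault, submitted):
    """Swap each PII field for a token before the record is stored locally."""
    return {k: vault.tokenize(v) if k in PII_FIELDS else v
            for k, v in submitted.items()}


def review_record(vault, stored):
    """Detokenize the PII fields when an agent needs to review the record."""
    return {k: vault.detokenize(v) if k in PII_FIELDS else v
            for k, v in stored.items()}


def leaked_fields(submitted, stored):
    """Names of PII fields whose raw value still appears in the stored record."""
    return [k for k in PII_FIELDS if k in submitted
            and any(submitted[k] in str(v) for v in stored.values())]
```

Running `leaked_fields` against the locally stored records is a simple regression check that a later change to the legacy application has not reintroduced raw PII.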
Security
- Reduced PCI footprint (local storage).
- Better adherence to many PII (privacy) laws with regard to data storage.
Technologies Used
- Tokenization
- Data Separation