Two new API calls provide increased browser-based tokenization security.
The AuricVault® tokenization service includes browser-based tokenization and detokenization.
Browser-based tokenization allows you to store and retrieve sensitive data directly from the browser; the data never touches your servers.
The new get_encrypt_session and get_decrypt_session API calls provide additional security by:
- Controlling when the user can tokenize and when they can detokenize.
- Declaring which tokens can be detokenized in the browser.
These new API calls provide increased browser-based tokenization security and ensure that what the user is doing in the browser is what you intend them to do.
get_encrypt_session
This API call is identical to the existing get_session API call, with the added feature of ensuring the only action a user can take with this session ID is to encrypt data.
get_decrypt_session
This API call ensures the only action a user can take with the returned session ID is to look up (decrypt) a token. It also defines which specific tokens the user can retrieve.
This API call takes a list of one to five token IDs that the user can look up and display in their browser.
The user receives an error if they attempt to look up a token that is not on the list.
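The scoping rules described for the two calls can be modelled locally. The following is an added example, not AuricVault code and not its API: `VaultModel`, `SessionError`, the method signatures and the in-memory storage are all assumptions made for illustration.

```python
import secrets

MAX_DECRYPT_TOKENS = 5  # per the text: one to five token IDs per decrypt session


class SessionError(Exception):
    """Raised when a session is used outside the scope it was issued for."""


class VaultModel:
    """Toy in-memory stand-in for a tokenization vault (hypothetical, for illustration)."""

    def __init__(self):
        self._tokens = {}    # token ID -> stored value
        self._sessions = {}  # session ID -> (allowed action, allowed token IDs)

    def _new_session(self, action, allowed):
        session_id = secrets.token_urlsafe(16)
        self._sessions[session_id] = (action, allowed)
        return session_id

    def _require(self, session_id, action):
        scope = self._sessions.get(session_id)
        if scope is None or scope[0] != action:
            raise SessionError(f"session is not valid for {action}")
        return scope[1]

    def get_encrypt_session(self):
        # Session that can only be used to tokenize (encrypt) data.
        return self._new_session("encrypt", frozenset())

    def get_decrypt_session(self, token_ids):
        # Session that can only look up the listed tokens.
        allowed = frozenset(token_ids)
        if not 1 <= len(allowed) <= MAX_DECRYPT_TOKENS:
            raise SessionError("decrypt session needs one to five token IDs")
        return self._new_session("decrypt", allowed)

    def encrypt(self, session_id, value):
        self._require(session_id, "encrypt")
        token_id = secrets.token_urlsafe(12)
        self._tokens[token_id] = value
        return token_id

    def decrypt(self, session_id, token_id):
        allowed = self._require(session_id, "decrypt")
        if token_id not in allowed or token_id not in self._tokens:
            raise SessionError("token is not on this session's list")
        return self._tokens[token_id]
```

The allow-list is fixed when the session is created, so a session ID handed to the browser cannot be used for any token the server did not name, or for the opposite action.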
Documentation
Check out the latest Session Management Methods documentation.