A firm specializing in background and credit checks maintains multiple pieces of Personally Identifiable Information (PII), including social security numbers, credit card account numbers, birthdates, maiden names, etc.
Remove PII data stored on the firm’s servers with only minor changes to their legacy application. The firm was already PCI compliant and wanted to reduce the amount of sensitive data stored locally.
Firm modified their legacy application to use the AuricVault® service to tokenize certain data fields. (Also the reverse detokenization).
This change allowed the client to maintain their existing legacy system while reducing the amount of PCI and PII data stored on their servers.
- Agents collect Personally Identifiable Information (PII) on a web page that submits that information to the Web Application.
- The Web Application sends the individual pieces of PII to the AuricVault® service, and
- receives back tokens.
- When the data needs to be reviewed, the Web Application sends the token to the AuricVault® service, and
- receives back the original PII data;
- which is then displayed for another agent.
- Reduced PCI footprint (local storage).
- Better adherence to many PII (privacy) laws in regards to data storage.