Background/Credit Checks

August 8, 2019

A firm specializing in background and credit checks maintains multiple pieces of Personally Identifiable Information (PII), including social security numbers, credit card account numbers, birthdates, maiden names, etc.


Remove PII data stored on the firm’s servers with only minor changes to their legacy application. The firm was already PCI compliant and wanted to reduce the amount of sensitive data stored locally.


The firm modified their legacy application to use the AuricVault® service to tokenize and detokenize specific data fields. This change allowed the client to maintain their existing legacy system while reducing the amount of PCI and PII data stored on their servers.

  • All Personally Identifiable Information (PII) is tokenized: social security numbers, credit card account numbers, birthdates, maiden names, etc.
  • The sensitive information is tokenized during data entry using Browser-Side Tokenization that securely tokenizes the sensitive information in the browser.
  • The sensitive information is retrieved in the browser using Browser-Side Detokenization. 
  • All Personally Identifiable Information was removed from the firm’s servers.
  • Tokenization required only minor changes to the firm’s legacy application.

Data Flow

Background check tokenization dataflow.
Background checks storing Personally Identifiable Information.
  1. Agents collect Personally Identifiable Information (PII) on a web page that submits that information to the Web Application.
  2. The Web Application sends the individual pieces of PII to the AuricVault® service, and
  3. receives back tokens.
  4. When the data needs to be reviewed, the Web Application sends the token to the AuricVault® service, and
  5. receives back the original PII data;
  6. which is then displayed for another agent.


  • Reduced PCI footprint (local storage).
  • Better adherence to many PII (privacy) laws in regards to data storage.

Technologies Used

  • Tokenization
  • Data Separation

Have Questions?

Contact Us

1,000 character limit.

By submitting your name, email address, phone number, and message, you are permitting us to contact you by these means in response to your inquiry or feedback. You also acknowledge that you have read our Privacy Statement and that you consent to our processing data in accordance with it.