Anonymization

Masking & Suppression
Hashing
Pseudonymization
Tokenization
Role-based Dynamic Masking

Masking & Suppression

This technique hides specific data fields, like masking credit card numbers, where only the last four digits are visible (e.g., 1234-XXXX-XXXX-5678). It’s useful for call centers needing partial visibility for customer verification.

Hashing

Uses cryptographic hashing (e.g., SHA-256) to convert sensitive information (like user emails) into fixed-length, irreversible hash codes, ensuring no direct link to original values.

Pseudonymization

Replaces direct identifiers (e.g., names) with pseudonyms (e.g., user ID codes), which can be mapped back only with secure access to a separate decryption key or reference table.

Tokenization

Replaces sensitive data with a token (like a randomly generated number). For example, substituting a credit card number with a token in payment systems, so actual card data remains secure.

Role-based Dynamic Masking

Dynamically adapts data visibility by fully redacting or partially masking sensitive fields based on user roles and access privileges.