Trustway DataProtect Token

A total data protection of your sensitive data by replacing it with a surrogate value

Trustway DataProtect Token

Trustway DataProtect Token is a solution to protect your sensitive data by replacing it with a surrogate value that preserves the length and format of the original data, the easiest way for data masking.

As the volume and value of your organization’s data continues to grow, you can no longer rely solely on perimeter-based security to protect it from the lasting impact of a breach.

Trustway DataProtect Token replaces sensitive data with a unique token (surrogate value) that is stored, processed or transmitted in place of the clear data. A popular choice with the payment card industry to secure primary account numbers (PAN), tokenization can be used to protect other types of high-value data.

In combination with Trustway DataProtect KMS based on certified architecture, Trustway DataProtect Token meets the strictest international standards and brings the highest level of security of your sensitive data.

Atos cyber security Trustway DataProtect Token

To follow or contact us:
Linkedin | Twitter

Unified solution

Based on a HSM architecture, this centralized platform provides a key management and encryption services for all the solutions of your infrastructure. Enhanced by monitoring and granular access control features, it guarantees a unique data protection policy for your company and reduce cost of compliance and audit.

Strengthen security

Data can be tokenized with a surrogate value in a variety of formats for unlimited data type support, including numeric data with spaces or dashes: credit card numbers, social security numbers, passport, email…

Bull cyber Trust compliance

Achieve compliance

A highly available encryption solution to address numerous industry security standards and government regulations such as PCI DSS, GDPR, and HIPAA

Unlimited data type and broad token format support

Tokenize primary account numbers (PAN), as well as other data types (PCI, PII, PHI, etc.) in any environment, including payment systems and big data implementations
Support a wide variety of token formats, including regular expressions and customized formats

Support cloud initiatives

Deploy in on-premises, virtual and public cloud environments
Set up tokenization in the cloud more quickly with readily available Chef recipes for easy automation

Transparent and secure tokenization

Replace sensitive data with a token (surrogate value) that can be securely stored, processed and transmitted
Apply granular access controls to ensure only authorized users or applications can view tokenized data
Centralize key management across multiple sites with an industry-leading enterprise key manager
Leverage bulk tokenization utilities and batch APIs

Ensure easy deployment and management

No changes required to applications, databases, and legacy systems with Format Preserving Tokenization (FPT)
Web services (SOAP and REST APIs) provide fast, cost-effective deployment
Built-in, automated key rotation and data re-keying

HSM Certifications

Common Criteria EAL4+ compliant with CWA 14167-2 PP
FIPS 140-2 Level 3 (in progress)
«Qualification Renforcée» (the highest qualification from the ANSSI)
Compliant with eIDAS

Format Preserving Tokenization:
– Complies with PCI Tokenization Guidelines for token identification via token masking and Luhn algorithm pass/ fail checks,
– Supports multiple tokens vaults
– Highly scalable – can generate and retrieve millions of tokens/per day for best performance

Supported Token Vault Databases: Microsoft SQL Server, Oracle, MySQL, Cassandra
Note: all tokenization forms are supported on all databases as long as the vault itself is on Microsoft SQL Server, Oracle, MySQL or Cassandra

Supported APIs: Java, NET

Web services: SOAP, REST/JSON

Enhanced event logging and monitoring functionality: Complies with PCI tokenization manager event monitoring specifications, Supports SNMP for online monitoring and alerting

Token Formats:
– Random or Sequential token generation
– Masked: Last four, First six, First two, etc.
– Fixed length and width masking
– Customer defined custom formats
– Cryptographic hash functions, including SHA2-256, SHA2-284, SHA2-512 and base16/Base64
– Regular expressions (Java style)

Trustway DataProtect offers a comprehensive data encryption solution to guarantee data security and the control on the data access.

This solution provides the customer with the tools to the capabilities to encrypt all the data format as Virtual Machine, Database, File system, Application and Tokenization. Trustway DataProtect is a complete solution for cloud, virtual and on-premises infrastructures and is compliant with the most restrictive data privacy regulations as GDPR, HIPAA or PCI DSS.

Trustway DataProtect KMS >>

Trustway DataProtect KMS is a centralized administrative platform of key management. This compliant standardized interface (PKCS#1) allows you to manage keys on every environment (cloud, virtual, on-premises) to make Information System audit and a meticulous access control.

Trustway DataProtect App >>

Connected to Trustway DataProtect KMS, Trustway DataProtect App is a highly-secured application encryption’s solution which centralizes administration of application encryption policy and keys. This solution is suitable for a large range of web applications’ servers and company applications.

Trustway DataProtect VM >>

Connected to Trustway DataProtect KMS, Trustway DataProtect VM brings a complete cloud data protection which guarantees to your organization a secure migration to the cloud, ensures only authorized users to access information, and meets compliance mandates. With this solution, you can now isolate and totally control your virtual machine instances.

Trustway DataProtect File >>

Connected to Trustway DataProtect KMS, Trustway DataProtect File ensures data security through fully automated file encryption of unstructured data contained in network drives and file servers. Your files can not be read by unauthorized users anymore.

Trustway DataProtect DB >>

Connected to Trustway DataProtect KMS, Trustway DataProtect DB brings to your organization a total protection of your database in the datacenter and the cloud thanks to a centralized control of data access and a regular key rotation. Data field to encrypt is directly selected by you.

Related resources



Trustway DataProtect Token: A total protection of your sensitive data

Trustway DataProtect Token brings to your organization a total protection of your sensitive data by replacing it with a surrogate value.

Atos Trustway DataProtect


Download: Securing your end to end infrastructure with unified encryption

Discover Trustway DataProtect, a data protection solution, which secure your data regardless of their location, be they stored in a database, file server, application, traditional or virtualized data center, or public cloud environment.

Atos cybersecurity Trustway DataProtect Prevent ransomware

White paper

Download: Prevent ransomware attacks from taking down your business and defend your data

Drastic emergency situations provide a conducive environment for criminals to perform cyberattacks. Ransomware attacks today are clearly on the rise and the risk of organizationssensitive data being stolen is higher. Read our whitepaper to find out more about ransomware and how to protect your sensitive data.

Atos Brochure Trustway_HSM hardware Security Module


Trustway HSM: Data Security – Choosing the right path through compliance

Compliant, flexible and innovative, our Hardware Security Module range brings to companies and critical infrastructures the reliability of an innovative and robust architecture in compliance with strict security demands.

Trustway DataProtect range

Trustway DataProtect KMS

Trustway DataProtect KMS is a centralized key management platform enhanced with data access control and monitoring features
Visit product page >

Trustway DataProtect App

Trustway DataProtect App provides an interface for key management operations, as well as application-level encryption of sensitive data
Visit product page >

Trustway DataProtect DB

Trustway DataProtect DB brings to your organization a total protection of your database in the datacenter and the cloud
Visit product page >

Trustway DataProtect File

Trustway DataProtect File provides transparent and automated file system-level encryption of file servers or shares
Visit product page >

Trustway DataProtect VM

Trustway DataProtect VM empowers you to secure your data and prove compliance across cloud-enabled environments
Visit product page >

Interested in our Trustway DataProtect solutions?