Trustway DataProtect Token

Total protection for your most sensitive data

Trustway DataProtect Token

Trustway DataProtect Token is a solution to protect your sensitive data by replacing it with a surrogate value that preserves the length and format of the original data, the easiest way for data masking.

As the volume and value of your organization’s data continues to grow, you can no longer rely solely on perimeter-based security to protect it from the lasting impact of a breach.

Trustway DataProtect Token replaces sensitive data with a unique token (surrogate value) that is stored, processed or transmitted in place of the original data. A popular choice with the payment card industry to secure primary account numbers (PAN), tokenization can be used to protect other types of high-value data.

In combination with Trustway DataProtect KMS based on certified architecture, Trustway DataProtect Token meets the strictest international standards and brings the highest levels of security to your sensitive data.

Atos cyber security Trustway DataProtect Token

Follow or contact us:
Linkedin | Twitter

Centralize management

Based on HSM architecture, this unified platform provides key management and encryption services for all your infrastructure solutions. Enhanced by monitoring and granular access control features, it guarantees a unique data protection policy for your company and reduces compliance and audit costs.

Strengthen security

Data can be tokenized with a surrogate value in a variety of formats for unlimited data type support, including numeric data with spaces or dashes like credit card numbers, social security numbers, passport numbers, email addresses and more.

Bull cyber Trust compliance

Achieve compliance

A highly available encryption solution to address numerous industry security standards and government regulations such as PCI DSS, GDPR and HIPAA.

Unlimited data type and broad token format support
  • Tokenize primary account numbers (PAN), as well as other data types (PCI, PII, PHI, etc.) in any environment, including payment systems and big data implementations
  • Support a wide variety of token formats, including regular expressions and customized formats
Support cloud initiatives
  • Deploy in on-premises, virtual and public cloud environments
  • Set up tokenization in the cloud more quickly with readily available Chef® recipes for easy automation
Transparent and secure tokenization
  • Replace sensitive data with a token (surrogate value) that can be securely stored, processed and transmitted
  • Apply granular access controls to ensure only authorized users or applications can view tokenized data
  • Centralize key management across multiple sites with an industry-leading enterprise key manager
  • Leverage bulk tokenization utilities and batch APIs
Ensure easy deployment and management
  • No changes required to applications, databases, and legacy systems with Format Preserving Tokenization (FPT)
  • Web services (SOAP and REST APIs) provide fast, cost-effective deployment
  • Built-in, automated key rotation and data re-keying
HSM certifications
  • Common Criteria EAL4+ compliant with CWA 14167-2 PP
  • FIPS 140-2 Level 3 (in progress)
  • Qualification Renforcée (the highest qualification from ANSSI)
  • Compliant with eIDAS

Format Preserving Tokenization:

  • Complies with PCI Tokenization Guidelines for token identification via token masking and Luhn algorithm pass/ fail checks
  • Supports multiple tokens vaults
  • Highly scalable – can generate and retrieve millions of tokens per day for best performance

Supported token vault databases: Microsoft SQL Server, Oracle, MySQL, Cassandra
Note: all tokenization forms are supported on all databases as long as the vault itself is on Microsoft SQL Server, Oracle, MySQL or Cassandra

Supported APIs: Java, NET

Web services: SOAP, REST/JSON

Enhanced event logging and monitoring functionality: Complies with PCI tokenization manager event monitoring specifications, Supports SNMP for online monitoring and alerting

Token Formats:

  • Random or sequential token generation
  • Masked: Last four, first six, first two, etc.
  • Fixed length and width masking
  • Customer-defined custom formats
  • Cryptographic hash functions, including SHA2-256, SHA2-284, SHA2-512 and base16/Base64
  • Regular expressions (Java style)

Trustway DataProtect offers a comprehensive data encryption solution to guarantee data security and the control on the data access.

This solution provides the customer with the tools to the capabilities to encrypt all the data format as Virtual Machine, Database, File system, Application and Tokenization. Trustway DataProtect is a complete solution for cloud, virtual and on-premises infrastructures and is compliant with the most restrictive data privacy regulations as GDPR, HIPAA or PCI DSS.

Trustway DataProtect KMS >>

Trustway DataProtect KMS is a centralized key management administration platform. This standards-compliant interface (PKCS#1) allows you to manage keys on every environment (cloud, virtual, on-premises) to enable information system audits and robust access control.

Trustway DataProtect App >>

Connected to Trustway DataProtect KMS,Trustway DataProtect App is a highly-secure application encryption solution which centralizes administration of application encryption policy and keys. This solution is suitable for a wide range of web application servers and enterprise applications.

Trustway DataProtect VM >>

Connected to Trustway DataProtect KMS, Trustway DataProtect VM brings complete cloud data protection, guaranteeing your organization a secure migration to the cloud, ensuring only authorized users can access information, and meeting compliance mandates. With Trustway DataProtect VM, you can now isolate and totally control your virtual machine instances.

Trustway DataProtect File >>

Connected to Trustway DataProtect KMS, Trustway DataProtect File ensures data security, denying unauthorized user access to your files through fully automated file encryption of unstructured data contained in network drives and file servers.

Trustway DataProtect DB >>

Connected to Trustway DataProtect KMS, Trustway DataProtect DB provides your organization with total database protection in the data center and the cloud, thanks to centralized control and a regular key rotation. You directly select which data fields to encrypt.

Related resources



Trustway DataProtect Token: A total protection of your sensitive data

Trustway DataProtect Token brings your organization total protection for your sensitive data by replacing it with a surrogate value.

Atos Trustway DataProtect


Download: Securing your end-to-end infrastructure with unified encryption

Discover Trustway DataProtect, a data protection solution that secures your data regardless of location, whether stored in a database, file server, application, traditional or virtualized data center, or public cloud environment.

Atos cybersecurity Trustway DataProtect Prevent ransomware

White paper

Download: Prevent ransomware attacks from taking down your business and defend your data

Drastic emergency situations provide a conducive environment for criminals to perform cyberattacks. Ransomware attacks today are clearly on the rise, and the risk of an organization’ssensitive data being stolen is higher. Read our white paper to learn more about ransomware and how to protect your sensitive data.

Atos Brochure Trustway_HSM hardware Security Module


Trustway HSM: Data Security – Choosing the right path through compliance

Compliant, flexible and innovative, our range of hardware security modules brings companies and critical infrastructures the reliability of an innovative and robust architecture in compliance with strict security demands.

Trustway DataProtect range

Trustway DataProtect KMS

Trustway DataProtect KMS is a centralized key management platform enhanced with data access control and monitoring features
Visit product page >

Trustway DataProtect App

Trustway DataProtect App provides an interface for key management operations, as well as application-level encryption of sensitive data
Visit product page >

Trustway DataProtect DB

Trustway DataProtect DB brings to your organization a total protection of your database in the datacenter and the cloud
Visit product page >

Trustway DataProtect File

Trustway DataProtect File provides transparent and automated file system-level encryption of file servers or shares
Visit product page >

Trustway DataProtect VM

Trustway DataProtect VM empowers you to secure your data and prove compliance across cloud-enabled environments
Visit product page >

Interested in our Trustway DataProtect solutions?