
Presented by Capital One Software
Tokenization is emerging as a cornerstone of modern data security, helping businesses separate the value of their data from its risk. During this VB in Conversation, Ravi Raghu, president, Capital One Software, talks about the ways tokenization can help reduce the value of breached data and preserve underlying data format and usability, including Capital One’s own experience leveraging tokenization at scale.
Tokenization, Raghu asserts, is a far superior technology. It converts sensitive data into a nonsensitive digital substitute, called a token, that maps back to the original, which is secured in a digital vault. The token placeholder preserves both the format and the utility of the sensitive data, and can be used across applications — including AI models. Because tokenization removes the need to manage encryption keys or dedicate compute to constant encrypting and decrypting, it offers one of the most scalable ways for companies to protect their most sensitive data, he added.
"The killer part, from a security standpoint, when you consider it relative to other methods, if a nasty actor gets hold of the information, they pay money for tokens," he explained. "The actual data just isn’t sitting with the token, unlike other methods like encryption, where the actual data sits there, just waiting for somebody to pay money for a key or use brute force to get to the true data. From every angle that is the perfect way one should go about protecting sensitive data."
The tokenization differentiator
Most organizations are only scratching the surface of data security, adding security at the very end, when data is read, to stop an end user from accessing it. At minimum, organizations should focus on securing data on write, as it’s being stored. But best-in-class organizations go even further, protecting data at birth, the moment it’s created.
At one end of the protection spectrum is a simple lock-and-key approach that restricts access but leaves the underlying data intact. More advanced methods, like masking or modifying data, permanently alter its meaning — which may compromise its usefulness. File-level encryption provides broader protection for large volumes of stored data, but when you get down to field-level encryption (for instance, a Social Security number), it becomes a bigger challenge. It takes a great deal of compute to encrypt a single field, and then to decrypt it at the point of use. And it still has a fatal flaw: the original data is still right there, only needing the key to get access.
Tokenization avoids these pitfalls by replacing the original data with a surrogate that has no intrinsic value. If the token is intercepted — whether by the wrong person or the wrong machine — the data itself stays secure.
The business value of tokenization
"Fundamentally you’re protecting data, and that’s priceless," Raghu said. "One other thing that’s priceless – can you employ that for modeling purposes subsequently? On the one hand, it’s a protection thing, and then again it’s a business enabling thing."
Because tokenization preserves the structure and ordinality of the original data, it can still be used for modeling and analytics, turning protection into a business enabler. Take private health data governed by HIPAA, for example: tokenization means that data can be used to build pricing models or for gene therapy research, while remaining compliant.
"In case your data is already protected, you’ll be able to then proliferate the usage of knowledge across your complete enterprise and have everybody creating increasingly more value out of the information," Raghu said. "Conversely, should you don’t have that, there’s plenty of reticence for enterprises today to have more people access it, or have increasingly more AI agents access their data. Sarcastically, they’re limiting the blast radius of innovation. The tokenization impact is huge, and there are numerous metrics you might use to measure that – operational impact, revenue impact, and clearly the peace of mind from a security standpoint."
Breaking down adoption barriers
Until now, the fundamental challenge with traditional tokenization has been performance. AI requires a scale and speed that’s unprecedented. That's one of the biggest challenges Capital One addresses with Databolt, its vaultless tokenization solution, which can produce up to 4 million tokens per second.
"Capital One has undergone tokenization for greater than a decade. We began doing it because we’re serving our 100 million banking customers. We would like to guard that sensitive data," Raghu said. "We’ve eaten our own pet food with our internal tokenization capability, over 100 billion times a month. We’ve taken that know-how and that capability, scale, and speed, and innovated in order that the world can leverage it, in order that it’s a industrial offering."
Vaultless tokenization is an advanced form of tokenization that doesn’t require a central database (vault) to store token mappings. Instead, it uses mathematical algorithms, cryptographic techniques, and deterministic mapping to generate tokens dynamically. This approach is faster, more scalable, and eliminates the security risk associated with managing a vault.
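To make the idea of a deterministic, vaultless mapping concrete, here is an added example (not from the article and not Capital One's Databolt algorithm): a keyed Feistel permutation over decimal digits that produces a reversible, format-preserving token without any mapping table. The function names, round count and HMAC-SHA256 round function are illustrative assumptions; production systems use vetted schemes such as NIST FF1, and in this construction the secret key is what must be protected.

```python
import hashlib
import hmac

ROUNDS = 10  # assumption: illustrative round count, not a vetted parameter


def _prf(key: bytes, rnd: int, half: str, width: int) -> int:
    """Keyed round function: HMAC-SHA256 of (round, other half), reduced to `width` digits."""
    mac = hmac.new(key, f"{rnd}|{width}|{half}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % 10 ** width


def _feistel(key: bytes, digits: str, reverse: bool) -> str:
    """Alternating Feistel network over a decimal string; a bijection on same-length strings."""
    if not (digits.isascii() and digits.isdigit()) or len(digits) < 4:
        raise ValueError("need at least 4 ASCII digits")
    mid = len(digits) // 2
    left, right = digits[:mid], digits[mid:]
    sign = -1 if reverse else 1
    for rnd in (reversed(range(ROUNDS)) if reverse else range(ROUNDS)):
        if rnd % 2 == 0:  # even rounds update the left half from the right half
            w = len(left)
            left = f"{(int(left) + sign * _prf(key, rnd, right, w)) % 10 ** w:0{w}d}"
        else:  # odd rounds update the right half from the left half
            w = len(right)
            right = f"{(int(right) + sign * _prf(key, rnd, left, w)) % 10 ** w:0{w}d}"
    return left + right


def _apply(key: bytes, value: str, reverse: bool) -> str:
    """Transform only the digits; separators such as '-' stay where they are."""
    digits = "".join(c for c in value if c.isdigit())
    out = iter(_feistel(key, digits, reverse))
    return "".join(next(out) if c.isdigit() else c for c in value)


def tokenize(key: bytes, value: str) -> str:
    return _apply(key, value, reverse=False)


def detokenize(key: bytes, token: str) -> str:
    return _apply(key, token, reverse=True)


if __name__ == "__main__":
    demo_key = b"constructed-demo-key-not-for-production"  # constructed sample key
    ssn = "123-45-6789"  # constructed sample value
    token = tokenize(demo_key, ssn)
    print(ssn, "->", token, "->", detokenize(demo_key, token))
```

Because the mapping is a keyed permutation, two different inputs of the same length can never collide on one token, which is what lets the scheme work without a lookup table.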
"We realized that for the size and speed demands that we had, we would have liked to construct out that capability ourselves," Raghu said. "We’ve been iterating constantly on ensuring that it could scale as much as a whole bunch of billions of operations a month. All of our innovation has been around constructing IP and capability to try this thing at a battle-tested scale inside our enterprise, for the aim of serving our customers."
While conventional tokenization methods can involve some complexity and slow down operations, Databolt seamlessly integrates with encrypted data warehouses, allowing businesses to maintain robust security without slowing performance or operations. Tokenization occurs in the customer’s environment, removing the need to communicate with an external network to perform tokenization operations, which can also slow performance.
"We consider that fundamentally, tokenization ought to be easy to adopt," Raghu said. "You need to find a way to secure your data in a short time and operate on the speed and scale and value needs that organizations have. I believe that’s been a critical barrier to date for the mass scale adoption of tokenization. In an AI world, that’s going to change into an enormous enabler."
