Open In App

Difference between Tokenization and Masking

Improve
Improve
Like Article
Like
Save
Share
Report

1. Masking :
Masking, as name suggests, is a process of replacing real data with null or constant values. It is considered as essentially permanent tokenization. In this, sensitive information is replaced by some random characters in same formats as that of original data that too without any mechanism for retrieving original values. There are basically two types of masking I.e., Static Data Masking (SDM) and Dynamic Data Masking (DDM).

2. Tokenization :
Tokenization, as name suggests, is a process of replacing original value with random generated alphanumeric value known as token. Whenever user application requires original data, this system looks up token value in token database and retrieve it. It is one of oldest techniques used to keep data secure. In this, token has no meaning outside system that creates them and links them to other data.

Difference between Tokenization and Masking :

Masking 

Tokenization  

It is a process of applying mask to a value.  It is a process of replacing sensitive data with non-sensitive data. 
It simply ensures efficient use of masked data for analysis without fear of leaking private information.   It simply ensures correct formatting and transmission of data thus making it less vulnerable to cyberattacks.
It is generally used to secure structured and unstructured fields in both non-production and production environments such as database backups, data mining, etc.   It is generally used to secure credit card number or sensitive information in payment processing systems, customer service databases, and other structured data environments.  
It always preserves format but there are some chances of reidentification risk.   It always preserves format of data and maintain high security.  
It is an irreversible process i.e.; masked data cannot be retrieved back to original one.   It is a reversible process i.e.; tokenized data can be retrieved back to original one. 
It is easier for one to exchange masked data with third parties as they cannot view original data.  It is difficult for one to exchange data with third parties because they can have access to token database.  
It is used to secure data in use.   It is used to secure data at rest and data in motion.  
It normally protects sensitive data from being exposed to individuals who are not authorized or do not have access to view it. It normally creates surrogate value that can matched back to original string using database.  

 


Last Updated : 05 Mar, 2021
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads