Secure PHI, PII and Cardholder Data
ShieldConex® utilizes both hardware-based encryption and vaultless tokenization to secure Personally Identifiable Information (PII), Protected Health Information (PHI), and cardholder data (CHD) entered online. ShieldConex immediately masks sensitive data upon entry through Bluefin’s hosted iFrame as a Service (iFaaS), ensuring that it never travels through a system or network as clear-text, where it could be accessible in the event of a data breach.
Flexible: Select any data element that you want to protect, from social security numbers, to health information, to CHD or ACH Account Data
Omnichannel: Generate the same format-preserving token across card type and utilize one common token to identify where and how your customers are purchasing
Maintain Control: Maintain control of your Ecommerce page without processing or transmitting sensitive data with our iFaaS solution or API option
Cloud-Based: Quickly implement ShieldConex in 2-7 days with no costly on-premise installation or data storage requirements on your system
Integrated security solutions, no matter where you are.
Complete Data Security
Encrypt, Tokenize and Authenticate
Reduce PCI Scope
ShieldConex removes credit and debit card information from your system and networks, which can reduce your PCI compliance scope up to 90% to an SAQ A
Address Data Privacy Regulations
ShieldConex meets international and U.S. data privacy regulations by pseudonymizing, or “masking,” data at the point of online entry
Meet Nacha Rules
ShieldConex addresses Nacha rules for the protection of Account Data and Account Numbers not only in storage, but also upon entry into online web forms
ShieldConex includes 3D Secure (3DS) for Secure Customer Authentication (SCA) and addressment of Payment Services Directive 2 (PSD2) regulations
Think ShieldConex is right for you?
“ShieldConex can be an effective mechanism for a business to capture various sensitive data elements from a customer without ever handling these data elements in their own systems. Should the business wish to process such data or have access, this flexibility exists also. As such, it is a successful means to reduce scope or compliance regulations and outsource the risk of handling such data to a third party.”
– Andrew McKenna, Foregenix