ShieldConex® Data Security Platform

Safeguard your customers’ sensitive data.


In today’s digital age, more and more sensitive information is being entered via online forms and websites, making companies accepting this type of data a hacker target. At the same time, data privacy laws, including GDPR and CCPA, are requiring organizations to protect consumer information.
Bluefin’s ShieldConex® platform secures Personally Identifiable Information (PII), Personal Health Information (PHI), and payment data entered into online platforms by replacing that data with tokens. ShieldConex relies on both hardware-based encryption and vaultless tokenization to help your organization adhere to data security compliance standards and remove sensitive data from your environment.

Why ShieldConex®?

Reduced Data Breach Threat

ShieldConex pseudonymizes your sensitive customer data by replacing it with tokens, rendering a breach useless if one were to occur.

Hosted iFrame

Unlike most data security platforms, ShieldConex leverages a Bluefin-hosted iFrame that allows you to collect devalued data without the original data ever entering your environment.

Cloud-Based / Easy Implementation

Unlike other data security solutions out there, ShieldConex is a cloud-based solution that can be implemented with an API and/or iFrame, eliminating the need for a time-consuming, on-premise implementation.

Format-Preserving Tokenization and Encryption

ShieldConex lets users mask data via vaultless tokenization or hardware-based encryption. The format of devalued data is preserved, regardless of the method used, allowing it to work with existing applications.

Advanced Reporting

Reporting on your organization’s data masking activity, user sign-in, and more is available within the ShieldConex Manager, allowing your organization to easily undergo data security compliance audits

Vaultless Tokenization

Typical tokenization requires a vault, which adds latency and requires large databases to map tokens to data. Vaultless Tokenization is performed using an algorithm, eliminating the need for token vaults, which pose breach risks and have longer latency.