Keeping sensitive information secure and private by encrypting with tokenization

Data security is crucial to any industry that deals with online transactions. The risk faced while transferring sensitive data back and forth becomes multiplied. Tokenization turns sensitive data into an unrecognizable string of characters that are rendered unusable without the tokenization system in place and, if stolen, provides no value to cybercriminals.

Business value

Business value


Maximum Security & Compliance

  • Secures any structured data set, including personally identifiable information, for comprehensive privacy compliance.
  • Securely manages and stores keys and sensitive data in a single, centralized location.
  • Personally Identifiable Information (PII) is encrypted under hardware based 256 bit AES encryption
  • Meets compliance requirements with all relevant industry standards including Payment Card Industry standards (PCI DSS) and GDPR
  • Provides random tokens, based on a true hardware-based, FIPS-certified Random Number Generator.

Scalable and flexible

  • Allows for hierarchical user administration where dual-control is required for all sensitive operations.
  • Tokens can be generated in a wide variety of predefined formats, or a specified custom token formats
  • High Availability (HA) option, allowing multiple appliances to be integrated into a self-replicating network. Appliances may be separated geographically, allowing tokens issued by one appliance to be recovered on another.
  • For both token generation as well as de-tokenization.
  • Uses a simple JSON Schema with a RESTful API driven functionality.
  • Configurable network settings enable access to shared network storage for secure file storage and access.
  • Allows adding additional HSMs (including HSMs from other manufacturers), as well as view and manage existing HSMs within the infrastructure.
  • Offers configurable automated daily backup functions.

Remote Management

Remote Management permits appliance maintenance and configuration without requiring physical proximity


Software Simulator included

Included simulator allowing for evaluation and integration testing to benchmark the best possible solution for each specific case

Deployment options

Deployment options


On Premise

  • Useful for centralized use cases without a requirement of scalability or remote accessibility and existing legacy infrastructure
  • Defined total cost of ownership
  • Complete control on hardware and software, including configuration and upgrades
  • Secured uptime in areas with insatiable internet connectivity
  • Preferred choice in industry-segments where regulation imposes restrictions

In the Cloud

  • Strategic architectural fit & risk management for your high value assets
  • Provides flexibility, scalability and availability of HSM-as-a-service
  • Ideal for a multi-cloud strategy, supporting multi-cloud deployments & allows for migration flexibility
  • Allows you to seamlessly work with any Cloud Service Provider
  • Easy-to-use remote management and on-site key ceremony service option
  • Full control over data through encryption key life-cycle and key administration
  • Secured data privacy through Bring-Your-Own-Key procedures

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.