Presented by Capital One software
Tokenization is emerging as a cornerstone of modern data security, helping businesses separate the value of their data from its risk. During this VB in Conversation, Ravi Raghu, President of Capital One Software, talks about ways tokenization can help mitigate the value of breached data and preserve the underlying data format and usability, including Capital One’s own experience leveraging tokenization at scale.
Raghu claims that tokenization is a much better technology. It converts sensitive data into an insensitive digital replacement, called a token, which maps back to the original, which is secured in a digital vault. The token placeholder preserves both the format and usefulness of sensitive data, and can be used in all applications, including AI models. He said, because tokenization removes the need to manage encryption keys or dedicate computation to constant encrypting and decrypting, it offers companies one of the most scalable ways to protect their most sensitive data.
"The killer part, from a security standpoint, when you think about it relative to other methods, is if a bad actor gets hold of the data, they get hold of the token," he explained. "The actual data is not sitting with the token, unlike other methods like encryption, where the actual data sits there, just waiting for someone to grab the key or use brute force to access the actual data. This should be the ideal way to protect sensitive data from every perspective."
tokenization differential
Most organizations are only scratching the surface of data security, adding protection at the very end when the data is read, to prevent the end user from accessing it. At a minimum, organizations should focus on keeping data secure as it is being stored. But best-in-class organizations go even further, protecting data from the moment it is born, from the moment it is created.
At one end of the security spectrum is a simple lock-and-key approach that restricts access but keeps the underlying data intact. More advanced methods, such as hiding or modifying data, permanently change its meaning – which can compromise its usefulness. File-level encryption provides comprehensive protection for large amounts of stored data, but when you get to field-level encryption (for example, a Social Security number), it becomes a bigger challenge. Encrypting a single field and then decrypting it at the point of use requires a lot of computation. And yet it has one fatal flaw: the original data is still there, only the key is needed to gain access.
Tokenization avoids these pitfalls by replacing the original data with a surrogate that has no intrinsic value. If the token is intercepted – whether by the wrong person or the wrong machine – the data itself remains secure.
Business Value of Tokenization
"Fundamentally you are protecting data, and that is invaluable," Raghu said. "Another thing that is invaluable – can you use it later for modeling purposes? On the one hand, it’s a security thing, and on the other hand it’s a business enabling thing."
Because tokenization preserves the structure and serialization of the original data, it can still be used for modeling and analytics, turning security into a business enabler. Take private health data governed by HIPAA, for example: tokenization means the data can be used to build pricing models or for gene therapy research while remaining compliant.
"If your data is already secure, you can increase data usage across the enterprise and everyone can create greater value from the data," Raghu said. "Conversely, if you don’t have that, there is a lot of hesitation for enterprises today to get more people access, or more and more AI agents, to their data. The irony is that they are limiting the scope of the explosion of innovation. The tokenization impact is massive, and there are many metrics you can use to measure it – operational impact, revenue impact, and obviously peace of mind from a security perspective."
breaking down barriers to adoption
Until now, the fundamental challenge with traditional tokens has been performance. AI requires scale and speed that is unprecedented. This is one of the key challenges that Capital One addresses with Databolt, its vaultless tokenization solution, which can produce up to 4 million tokens per second.
"Capital One has been undergoing tokenization for over a decade. We started doing this because we are serving our 100 million banking customers. We want to protect that sensitive data," Raghu said. "We have consumed our dog food over 100 billion times in a month with our internal token capacity. We’ve taken that knowledge and that capability, scale and speed, and innovated so that the world can take advantage of it, so that it’s a commercial offering."
Vaultless tokenization is an advanced form of tokenization that does not require a central database (vault) to store token mappings. Instead, it uses mathematical algorithms, cryptographic techniques, and deterministic mapping to generate tokens dynamically. This approach is faster, more scalable, and eliminates the security risks associated with managing the vault.
"We realized that at the scale and speed we demand, we need to develop that capability ourselves," Raghu said. "We are continuously striving to ensure that it can reach hundreds of billions of operations per month. All of our innovation has been around building IP and capacity to do that work at battle-tested scale within our enterprise for the purpose of serving our customers."
While traditional tokenization methods may involve some complexities and slow down operations, Databolt integrates seamlessly with encrypted data warehouses, allowing businesses to maintain strong security without slowing down performance or operations. Tokenization occurs in the client environment, eliminating the need to communicate with external networks to perform tokenization operations, which can also slow down performance.
"We believe that fundamentally, tokenization should be easy to adopt," Raghu said. "You need to be able to secure your data very quickly and meet the organizations speed, scale and cost needs. I think this has been a significant barrier to mass adoption of tokenization so far. In the world of AI, this is going to be a huge enabler."
Don’t miss the full conversation with Ravi Raghu, President, Capital One Software, here.
Sponsored articles are content produced by a company that is either paying for the post or that has a business relationship with VentureBeat, and they are always clearly marked. Contact for more information sales@venturebeat.com,
<a href