Securing Personally Identifiable Information Using Format Preserving Encryption

Mani Baradaran Hosseini

Personally Identifiable Information (PII) is any data that can be used to identify an individual, either directly or indirectly. PII is considered sensitive data and is often a target for identity theft and other malicious activities. Organizations that collect, store, and process PII have a responsibility to protect it and limit its collection when possible.

Format Preserving Encryption (FPE) is an encryption technique that preserves the format of the original data while replacing its values with tokens that have no inherent meaning or value. With Format Preserving Encryption, you can “tokenize” sensitive data, like Social Security numbers and credit card numbers, to move and store it while preserving its privacy and maintaining compliance.

In this post, we explore what format-preserving encryption is, why it’s critical for securing PII in format-sensitive systems and how SnapLogic’s new FPE Snap enables seamless integration of encrypted PII within existing systems.

Real-world examples: how FPE works in practice

Consider the example of encrypting PII data such as a Social Security number. Using traditional encryption, the resulting ciphertext would likely be a seemingly random string of alphanumeric characters, bearing no resemblance to the original nine-digit numerical format. This discrepancy can pose significant challenges for applications designed to handle only valid Social Security number formats, potentially requiring extensive modifications or workarounds. In contrast, applying FPE to the same Social Security number would yield a different nine-digit number, fully encrypted and secure, yet perfectly compatible with systems expecting that specific format.

For example, FPE encrypts the Social Security number (SSN) “055-46-6168” (plaintext SSN) into “569-83-4469” (ciphertext SSN). FPE ensures the ciphertext maintains the same format (length, number of hyphens, etc.) as the original plaintext. This means that the ciphertext will also be a nine-digit number with hyphens, preserving the structure of the SSN.
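To make the SSN example concrete, here is an added Python example (not SnapLogic's or Bouncy Castle's code) of a format-preserving round trip. A small HMAC-SHA256 Feistel network stands in for the NIST FF1 algorithm, so it is not FF1 and not interoperable with it; the key, the tweak and the choice to pass hyphens through untouched are assumptions.

```python
import hashlib
import hmac

DIGITS = "0123456789"            # alphabet for an SSN; radix 10
SAMPLE_KEY = bytes(range(32))    # constructed demo key, not a real secret
SAMPLE_TWEAK = b"ssn-column"     # constructed tweak value
ROUNDS = 10                      # even round count keeps the half widths aligned

def _prf(key, tweak, rnd, half, modulus):
    """Round function: HMAC-SHA256 over round number, tweak and the other half."""
    msg = bytes([rnd]) + len(tweak).to_bytes(2, "big") + tweak + half.encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % modulus

def _feistel(key, tweak, digits, decrypt=False):
    """Alternating Feistel network over a decimal string; output length == input length."""
    u, v = len(digits) // 2, len(digits) - len(digits) // 2
    a, b = digits[:u], digits[u:]
    for i in (reversed(range(ROUNDS)) if decrypt else range(ROUNDS)):
        m = u if i % 2 == 0 else v           # width of the half rewritten this round
        if decrypt:
            c = (int(b) - _prf(key, tweak, i, a, 10 ** m)) % 10 ** m
            a, b = str(c).zfill(m), a
        else:
            c = (int(a) + _prf(key, tweak, i, b, 10 ** m)) % 10 ** m
            a, b = b, str(c).zfill(m)
    return a + b

def transform(value, key=SAMPLE_KEY, tweak=SAMPLE_TWEAK, decrypt=False):
    """Encrypt or decrypt only the digits of `value`; separators keep their positions."""
    digits = "".join(ch for ch in value if ch in DIGITS)
    if len(digits) < 6:                      # tiny domains are trivially enumerable
        raise ValueError("need at least 6 digits")
    out = iter(_feistel(key, tweak, digits, decrypt))
    return "".join(next(out) if ch in DIGITS else ch for ch in value)

if __name__ == "__main__":
    ct = transform("055-46-6168")
    print(ct, "->", transform(ct, decrypt=True))
```

The same key and tweak must be supplied for decryption; a different tweak yields a different ciphertext for the same SSN.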

The utility of FPE extends to various domains. In financial transactions, encrypting credit card numbers while preserving their 16-digit structure allows for seamless integration with existing payment processing systems without requiring fundamental changes to validation routines or database schemas. Similarly, in healthcare, patient identification numbers or insurance codes can be encrypted using FPE, ensuring data confidentiality while maintaining the required format for interoperability between different healthcare providers and systems. Regulatory compliance often mandates specific data formats for reporting purposes. FPE enables organizations to meet these requirements by encrypting sensitive data without altering its structure, simplifying compliance efforts and reducing the risk of non-compliance penalties.

Furthermore, FPE can be employed to anonymize or pseudonymize data for research or analytics purposes. By encrypting identifying information while preserving its format, organizations can derive valuable insights from data without exposing sensitive details. This allows for more effective data sharing and collaboration while adhering to privacy regulations.

Implementing FPE involves complex mathematical algorithms and careful consideration of the desired security strength and performance characteristics. Different FPE schemes exist, each with its own trade-offs in terms of security, efficiency, and format support. Selecting the appropriate FPE algorithm depends on the specific use case and the sensitivity of the data being protected. Overall, format-preserving encryption offers a powerful and versatile tool for securing data in format-constrained environments, enabling organizations to enhance data protection without sacrificing operational efficiency or system compatibility.

Inside the Snap: FPE made easy with SnapLogic

SnapLogic Snaps are modular collections of integration components built for a specific purpose. SnapLogic provides a Java-based Snap Software Development Kit (SDK), which has been used to solve this complex PII data problem. By reusing well-known cryptography libraries, an FPE Snap was developed to solve this use case.

The FPE Snap Pack encrypts or decrypts incoming data via separate Snaps: FPE Encrypt and FPE Decrypt. The data is encrypted using the FF1 algorithm, a component of the Bouncy Castle cryptographic library. The FF1 algorithm is an FPE technique approved by the National Institute of Standards and Technology (NIST). For more information on the algorithm, please refer to the following links:

The FF1 algorithm encrypts data in such a way that the ciphertext retains the same length and data type as the original plaintext. This characteristic depends on the alphabet defined for encryption. Prior to encryption, the FF1 algorithm determines the absolute minimum permissible length for the input string. If the length of the incoming data falls below this calculated minimum, the algorithm will pad the string. Padding involves appending a specific character to the input string until it meets the minimum length requirement.

The character used for padding is configurable. Importantly, the chosen padding character must be one of the characters included in the defined alphabet for the encryption process. The resulting padded string is then processed by the FF1 algorithm from the Bouncy Castle library to produce the final encrypted output, which maintains the format of the original, albeit potentially padded, input.
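The minimum-length and padding step described above, as an added Python example (not the Snap's or Bouncy Castle's code). The 1,000,000 floor on radix^length is an assumption taken from the NIST SP 800-38G Rev. 1 draft, and `naive_unpad` and `unpad_to_length` are hypothetical helpers, since the page does not say how padding is removed on decryption.

```python
DIGITS = "0123456789"
MIN_DOMAIN = 1_000_000   # assumed floor on radix**length (SP 800-38G Rev. 1 draft value)

def min_length(alphabet, floor=MIN_DOMAIN):
    """Smallest n >= 2 such that len(alphabet)**n >= floor."""
    radix = len(alphabet)
    if radix < 2 or len(set(alphabet)) != radix:
        raise ValueError("alphabet needs at least 2 distinct characters")
    n = 2
    while radix ** n < floor:
        n += 1
    return n

def pad(value, alphabet, pad_char, direction="left"):
    """Extend `value` to the minimum length with `pad_char`, as done before encryption."""
    if len(pad_char) != 1 or pad_char not in alphabet:
        raise ValueError("padding character must be one character of the alphabet")
    if any(ch not in alphabet for ch in value):
        raise ValueError("value contains characters outside the alphabet")
    fill = pad_char * max(0, min_length(alphabet) - len(value))
    return fill + value if direction == "left" else value + fill

def naive_unpad(value, pad_char, direction="left"):
    """Hypothetical inverse after decryption: strip every pad character at that end."""
    return value.lstrip(pad_char) if direction == "left" else value.rstrip(pad_char)

def round_trips(value, alphabet, pad_char, direction="left"):
    """True if pad -> encrypt -> decrypt -> naive_unpad would give back `value`.
    Encryption and decryption cancel out, so only the padding steps are modelled."""
    padded = pad(value, alphabet, pad_char, direction)
    return naive_unpad(padded, pad_char, direction) == value

def unpad_to_length(value, original_length, direction="left"):
    """Unambiguous inverse: the original length is kept next to the ciphertext."""
    if direction == "left":
        return value[len(value) - original_length:]
    return value[:original_length]

if __name__ == "__main__":
    for v in ("4217", "0042", "055466168"):
        print(v, "->", pad(v, DIGITS, "0"), "round-trips:", round_trips(v, DIGITS, "0"))
```

Because the padding character belongs to the alphabet, a value such as 0042 padded on the left with 0 cannot be told apart from 42 by stripping alone; carrying the original length, or choosing a padding character that never occurs at that end of real values, removes the ambiguity.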

All shared encryption values are configurable using the FPE Snap Account Settings. Parameters such as the Encryption Key, Tweak value, Alphabet, Padding Character and Padding Direction can be configured.

The FPE Encrypt Snap encrypts incoming data using the shared Account settings. The data field values to be encrypted are defined by adding the Field and selecting the incoming Data Type as displayed in the image below.

FPE Encrypt Snap Settings page: Select fields to be encrypted, and choose the associated data types

Similarly, the FPE Decrypt Snap decrypts incoming data using the shared Account settings.

FPE Decrypt Snap Settings Page: Select fields to be decrypted, and choose the associated data types

Why preserving format matters in data protection

Format Preserving Encryption (FPE) is a crucial tool for securing sensitive data while maintaining its usability, particularly in legacy systems and applications. By encrypting data in a way that preserves its original format, FPE allows data to be stored and processed without requiring extensive changes to existing infrastructure, reducing costs and development time. FPE also offers a higher level of security by using strong cryptographic algorithms and ensuring the integrity of the data. Once the data has been safely encrypted, it can be used for purposes such as LLM training and data analysis.

The SnapLogic FPE Snap Pack reduces the complexity of using an FPE algorithm by encapsulating the underlying details in a reusable Snap Pack. This Snap Pack can be reused across many different projects within the customer's landscape. In addition, SnapLogic’s visual, drag-and-drop interface for building data integrations is incredibly user friendly and intuitive, helping to solve the many complex customer PII use cases.

Learn more about SnapLogic Snap Packs on our documentation page. If you have questions and want to dive deeper, join the conversation in our Community. The Integration Nation is here to help!

Regional Professional Services Manager at SnapLogic
Mani Baradaran Hosseini
Principal Professional Services Architect at SnapLogic