Skip to content

Presentation Schemes

Presentation schemes are optional schemes that obfuscate decrypted data into a form suitable for display to authorized users. These schemes provide an additional layer of protection by controlling how sensitive data is presented after decryption.

What Are Presentation Schemes?

When an encrypted value is decrypted, the presentation scheme may be applied to the decrypted value before it is presented to the user. For example, a credit card number might be decrypted but then presented with only the last four digits visible.

Presentation schemes support two main approaches:

  1. Direct Masking Patterns: Apply masking patterns directly to decrypted values
  2. Reveal last 4 digits of an SSN (XXX-XX-1234)
  3. Show masked email domain (x***@example.com)

  4. Display partial credit card numbers (**** **** **** 1234)

  5. Re-encryption: Re-encrypt data using a different scheme

  6. Original value encrypted with scheme A is decrypted, then re-encrypted with presentation scheme B
  7. Example: Credit card number encrypted with PROD_CC_SCHEME is re-encrypted with FRAUD_CC_SCHEME that allows fraud analysts to use card number for investigation and also compare and check with other uses

Presentation schemes allow for: - Partial data display (e.g., showing only last 4 digits) - Data transformation for display purposes - Controlled visibility of sensitive information - Reducing exposure of decrypted values - Supporting use cases like customer service and fraud detection - Providing different views of sensitive data based on user roles or business needs - Implementing data segregation between departments or applications

Viewing Presentation Schemes

To view your presentation schemes:

  1. Select Encryption & Masking > Encryption & Masking from the Privacera Portal navigation menu.
  2. Navigate to the Presentation Schemes tab to view existing schemes.

Creating Custom Presentation Schemes

To create custom presentation schemes in the Privacera Portal:

  1. From the navigation menu, select Encryption & Masking > Encryption & Masking.
  2. Click ADD SCHEME to add a new scheme.
  3. Enter the following details:
  4. Name: A name for the scheme
  5. Description: A description of the scheme
  6. Encryption API: PRIVACERA (default) or BOUNCY_CASTLE
  7. Format Type: Data format type (e.g., FPE_ALPHA_NUMERIC, alphanumeric)
  8. Scope: All (or a specific scope like "Last 4 digits" for credit cards)
  9. Algorithm: Presentation algorithm (e.g., AlphaNumeric, FPE, Mask)
  10. Data Validation: Toggle to enable custom error handling
  11. Non-deterministic Encrypted Data: Toggle to enable non-deterministic behavior
  12. Click Save.

Common Use Cases

Presentation schemes are commonly used for:

Data Type Typical Presentation Use Case
Credit Card Show only last 4 digits (e.g., **** **** **** 1234) Customer service, transaction verification
Social Security Show only last 4 digits (e.g., ***-**-1234) HR verification, identity confirmation
Email Show username but mask domain (e.g., user@***.com) Communication, user identification
Phone Numbers Show only area code or last 4 digits Contact verification, customer support

Business Benefits

Presentation schemes provide several key business benefits:

  • Enhanced Security: Reduces exposure of sensitive data while maintaining usability
  • Role-Based Access: Enables different views of data based on user roles
  • Compliance Support: Helps meet regulatory requirements for data protection
  • Operational Efficiency: Supports business processes while maintaining security
  • Data Segregation: Enables secure data sharing between departments
  • Fraud Prevention: Supports fraud detection while protecting sensitive data

Comments