Bluefin Receives US Patent on Systems for Vaultless Tokenization and Encryption

The patent covers Bluefin's ShieldConex® data security platform for securing online payment, account and sensitive consumer/company data.

September 7, 2021

2 Min Read


September 7, 2021 – Atlanta, GA – Bluefin, the leading provider of payment and data security solutions, has announced the issuance of their first U.S. patent on the company’s ShieldConex® data security platform for the tokenized encryption of Personally Identifiable Information (PII), Protected Health Information (PHI), and payment / ACH account data.

U.S patent 11,070,534, Systems for Vaultless Tokenization and Encryption, covers an iFrame service for collecting data, a tokenization service for (de)tokenizing and encrypting/decrypting data, and managing and creating templates for iFrame collection, (de)tokenization, and encryption/decryption.

ShieldConex utilizes both hardware-based encryption and vaultless tokenization to secure PII, PHI, cardholder data (CHD) and ACH account data entered online. All ShieldConex tokens are format preserving and the option exists to maintain portions of the tokenized data, such as the last four digits of a social security number, preserving the usefulness of the data in tokenized form while being database-friendly for developers. Additionally, the vaultless nature of the solution means customers always retain their data – ShieldConex tokenizes the sensitive data and returns it to the customer – and also eliminates issues of data sovereignty, while guaranteeing higher performance than legacy token vault-based solutions.

Companies can also directly connect to ShieldConex for online data encryption and tokenization via Bluefin’s API.


“There is more sensitive data being entered online than ever before, thanks in part to the pandemic,” said Ruston Miles, Bluefin’s founder. “Ecommerce purchasing has risen dramatically, people are utilizing healthcare forms to enter everything from insurance information to their medical history, and as a result, hackers are going after the online channel. ShieldConex provides an easy to implement solution that protects any type of online data upon entry, in transit and in system storage.”


Bluefin was the first North American provider of a PCI-validated point-to-point encryption (P2PE) solution in 2014 for the immediate encryption of point-of-sale (POS) payments. PCI P2PE provides numerous benefits, including cost savings, PCI scope reduction and brand protection. ShieldConex complements the company’s P2PE suite by providing a holistic data security system that protects all online data.


“Implementing P2PE and ShieldConex is like a one-two punch,” said Tim Barnett, Bluefin’s CIO and patent author. “You have P2PE protecting mobile, face-to-face and call center transactions, and then you have ShieldConex protecting any type of data – whether payment, consumer or company data – that is entered online. The future of payment and data security must address every intake channel, and we are very pleased to have received our first U.S. patent on ShieldConex for this online protection.”


While the U.S. patent marks the first on ShieldConex, Bluefin has previously been issued 28 U.S., EU and Japanese patents on its P2PE innovations. The company also has an additional 13 patents pending.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights