The Format Preserving Encryption - SSN scheme performs a regex search for US Social Security Numbers in their nine character format (for example, 123-45-6789) and encrypts the content into 32 characters.
This scheme can work in two different ways:
- No input validation. If there is no input validation on the field to make sure that the SSN is formatted correctly, the characters are input as plaintext and encrypted as cyphertext.
- Input validation. If there is input validation on the field, any input not formatted correctly as an SSN is rejected. In this case, the plaintext goes in post-validation, and the scheme uses APEX code to send it back to the proxy. The characters come back from the proxy as cyphertext, which is stored.
For more information about this encryption scheme, contact MVISION Cloud Support.