IBM Research along with Dutch bank Rabobank said they are using cryptographic pseudonyms to help comply with the General Data Protection Act starting on May 25.
GDPR is a big issue for any multinational company and the data privacy regulations revolve around giving citizens and residents control of their personal data.
- What is GDPR? Everything you need to know about the new general data protection regulations
- Ahead of GDPR, Segment sees growing pushback against third-party data sharing
- GDPR: These are the organisations which are least prepared
- GDPR and the cloud: How to manage suppliers in a changing world
- GDPR: Two thirds of organisations aren't prepared for the 'right to be forgotten'
One GDPR effort for IBM is to use cryptography to transform terabytes of Rabobank's client data and give them pseudonyms. Under this method, names, birthdates and account numbers would look like real data but wouldn't be. Data fields would be given artificial identifiers or pseudonyms.
For GDPR purposes, the data couldn't be attributed to a person or subject without use of other information.
IBM's tools convert data into individual hash-based token keys.
Rabobank and IBM Services have been running the pseudonym project for the last years. Applications and platforms have been converted and ultimately all payment applications and other bank functions will be converted.