​Rabobank, IBM aim to use cryptographic pseudonyms for GDPR

With IBM Research, Rabobank has come up with an interesting twist to GDPR compliance.
Written by Larry Dignan, Contributor

IBM Research along with Dutch bank Rabobank said they are using cryptographic pseudonyms to help comply with the General Data Protection Act starting on May 25.

GDPR is a big issue for any multinational company and the data privacy regulations revolve around giving citizens and residents control of their personal data.

One GDPR effort for IBM is to use cryptography to transform terabytes of Rabobank's client data and give them pseudonyms. Under this method, names, birthdates and account numbers would look like real data but wouldn't be. Data fields would be given artificial identifiers or pseudonyms.

For GDPR purposes, the data couldn't be attributed to a person or subject without use of other information.

IBM's tools convert data into individual hash-based token keys.

Rabobank and IBM Services have been running the pseudonym project for the last years. Applications and platforms have been converted and ultimately all payment applications and other bank functions will be converted.

Editorial standards