Glossary / Reversible Masking

Definition

What is Reversible Masking?

PII pseudonymization for AI

Reversible masking substitutes sensitive values with deterministic tokens before a prompt leaves your trust boundary, lets the model reason on the tokens, and restores the originals only at allow-listed egress. Tokens live in memory, never the database, and one call crypto-shreds an entire flow’s vault.

Static redaction strips the value and blinds the model; reversible masking keeps the prompt coherent. The same entity renders as the same token across every hop in a flow, while two different flows produce two different tokens for the same value, so prompts can’t be correlated across flows.

The per-flow vault is AES-256-GCM encrypted in memory. A single DELETE drops the salt and makes the ciphertext mathematically unrecoverable — the primitive behind GDPR Art. 17 erasure — and a mask manifest hash binds to the inference receipt so an auditor can prove what was tokenized without seeing the originals.