Sentinel ID
Tokenize PII so a breach exposes nothing usable.
PII tokenization-as-a-service. It issues one-way keyed HMAC tokens backed by a Shamir-gated custody vault, so a breach exposes nothing reversible. Any app can swap raw identifiers for breach-safe tokens through a simple API or SDK.
Who buys it
CTOs, CISOs, and Heads of Platform at companies holding sensitive identifiers across health, fintech, govtech, and child-serving orgs.
Who uses it
Engineers who integrate tokenize/detokenize calls into their platform via API or SDK.
What it does
- —One-way keyed HMAC tokenization that is not reversible from the token alone
- —Shamir-gated custody vault for the cases where controlled detokenization is required
- —Tokenize and detokenize operations exposed through a metered API
- —Drop-in SDK for engineers, plus white-label and on-prem deployment
- —Breach-safe by design: a database dump of tokens yields nothing usable
- —Built for regulated platforms in health, fintech, govtech, and child-serving sectors
Pricing
Proposed · illustrativeUsage-metered API
per-token tier
Metered per 10k tokenize/detokenize operations, plus a platform fee.
Platform
from $2k/mo
Platform fee on top of usage metering.
White-label / On-prem
annual license
White-label or on-prem deployment under annual license.
Monetization model: Usage/credit metered.
Posture & compliance
Third privacy pillar. Sells the engine; NEVER stores raw identifiers itself. Independent crypto audit is the trust gate before paid GA.
Migration: Group B
In these solution packs
Sentinel IDis sold on its own — or as part of a stack that solves a whole buyer’s problem end-to-end.
Works with
One login spans the suite. These editions are wired to Sentinel ID through a shared pack — better together than apart.