Costume Jewelry: How Capital One Uses Tokenization to Protect Data
RSA Conference 2024 · Track Session
In this compelling talk at RSAC 2024, Andy Ozment, Chief Technology Risk Officer at Capital One, detailed the financial institution's extensive and evolving journey into **tokenization** as a cornerstone of its data protection strategy. Titled "Costume Jewelry," the presentation eloquently metaphorized Capital One's approach: rather than guarding priceless crown jewels, they transform sensitive customer data into "costume jewelry" – tokens – that hold no intrinsic value to an attacker. This strategy dramatically reduces the **blast radius** of a potential data breach, rendering stolen data useless.