Rabobank has selected IBM to use cryptographic pseudonyms on its client’s personal data to comply with General Data Protection Regulation (GDPR) related financial regulations in the European Union.
The GDPR regulation, which will be live from 25 May, will create a complex data protection law framework across the EU. GDPR aims to give citizens and residents back control of their personal data, while imposing strict rules on those hosting, moving and processing this data, anywhere in the world.
Rabobank, as part of addressing GDPR compliance, has tied up with IBM Services and IBM Research, and cryptographically transformed client data, including names, birthdates and account numbers, into a desensitized representation.
IBM said pseudonymization enhances privacy by replacing most identifying fields within a data record by one or more artificial identifiers, or pseudonyms, i.e. replacing a real name with a fictitious one. The data can no longer be attributed to a specific data subject without the use of additional information.
Rabobank and IBM Services have pseudonymized multiple key applications and platforms including the current bank account and savings systems on mainframe, Linux, Tandem and Windows platforms.
IBM said it will assist Rabobank’s Radical Automation DevOps team to use the data for performance testing for the development of new innovative technologies and services, such as mobile apps and payment solutions.
“It’s critical for DevOps team to use data which is as close as possible to production during the testing phase, so when we go live, we are confident that our services will perform,” said Peter Claassen, Delivery Manager Radical Automation, Rabobank.
