I want to store data in encrypted form in a sendable Data Extension and decrypt it while using.
So basically, my DE will contain SubscriberKeys and EmailAddress. Email Address should be encrypted. But while sending email, I should be able to decrypt it.
Also, after email send, when this information goes to All Subscribers, it should still be in encrypted format.
How can I accomplish this?
Best Answer
You can't encrypt the Email Address field. If you need such a solution, you will need to use Tokenized Sending or Field Level Encryption.
With Tokenized Sending, a spoof email address or mobile number is used as a token; e.g. 1234345@memberemail.com which you store in your Sendable DE, then OMM invokes the Resolve Token API to retrieve the actual email address at send time.
Be aware that Tokenized Sending does not work out of the box; you need to build your own tokenized server to align with the documented methods — I've done this and it's pretty straightforward if you have experience in building REST API servers.
Also note that tokenization is enabled for an entire business unit; you can't disable tokenization for some email sends and enable it for others.