I'm not quite sure what you mean by tokenization of the data. Perhaps you could elaborate.
In Mendix, access to sensitive data is configured by setting up project (and module) roles with permissions to that data. Users not in the correct permission groups will not be able to see it.
At a simple level, you can control visibility of attributes in your forms by setting conditional visibility based on the module roles. However, if the data is sensitive you should not rely on this alone. Also set up your domain model by defining access rules for the entity - only the correct roles should be able to read the sensitive data attributes.