Encryption is done to protect the data to not be visible if a user access the data using the REST API.

Encryption is done with 256 bit AES algorithm. The encryption key is shown in the admin settings page of Protected Fields under Manage Apps.

The encrypted value is in an OpenSSL-compatible format.

Some examples of how to decrypt the value:

JavaScript: Crypto-js

const decrypted = CryptoJS.AES.decrypt("decrypted value, "Your decryption passord key");
const decryptedText = decrypted.toString(CryptoJS.enc.Utf8);

//encrypted value is read from file 'encryptedFile'
openssl enc -aes-256-cbc -in encryptedFile -out decryptedFile -pass pass:"Your decryption passord key" -d -base64