Masking end-user PII and other sensitive information shared via Chat

Expand

Collapse

My Service Notifications

Advanced SearchOpens new dialog

Enter plus (+) or minus (-) signs in search terms to make a word required or excluded
Search Tips

Search terms

Screen Reader users press enter to select a Filter by product. Filter by product

Screen Reader users press enter to select a Filter by category. Filter by category

Sort by Direction

Answer ID 12499 | Last Review Date 12/07/2022

How can I mask the sensitive information shared by end-users with agents using Enhanced Business Rules?

Environment:

Enhanced Business Rules, Chat
Oracle B2C Service

Resolution:

The Mask Content action available within the Chat (Subject/Question) and Chat events (data strings, Chat Transcript) in Enhanced Business Rules allows admins to define rules to mask the PII and other sensitive information, received via chat, before storing in database. This feature is available starting with the 22D Oracle B2C Service version.

Notes about the feature:

The masking will not be applied on the live chat window but the PII items will be found and masked while storing in the database.
The data once masked cannot be unmasked.
The Mask Content action can only be used without any condition in the rule.
The admin has to define separate rules to mask PII data from Chat and Chat events.
The output of the masks can be viewed before saving a rule using Preview capability in the rule.
Masking the Chat transcript in the incident thread requires Incident Thread Masking to be enabled on the site.
Enable Incident Thread masking feature

Types of Mask:

There are two types of mask available to mask the sensitive data via chats.

1. Standard mask: The standard mask is available for the below PII items with the option to show last 4 digits of the item.

a. Credit card

b. Social security number

c. Phone number

2. Custom mask: The custom mask is available mask for other sensitive information not covered by standard mask. A custom mask should be defined before using the mask in a rule.

a. A maximum of 20 custom masks each can be defined for Chat and Chat Events per interface.

b. A regular expression should be used to identify the pattern in the sensitive information that should be masked. Below are examples of a regex expression.

i. [A-Z]{2}[0-9]{1} – The pattern of two upper case alphabets followed by a numeral in a string will be masked.

ii. [a-zA-Z][0-9]{5} – The pattern of one upper case or lower case alphabet followed by five digits in a string will be masked.

c. All occurrences of the pattern, defined in the mask, within a string will be masked. Below are examples of the custom mask applied on strings.

d. Standard masks will be applied first followed by custom mask for rules using both the masks.

e. Show last 4 digits of PII items is not supported in Custom Masks.

Loading...

Login

How can I mask the sensitive information shared by end-users with agents using Enhanced Business Rules?

Was this answer helpful?

Still have questions?

Related Answers

Login