Data Privacy and Blocking Sensitive Data

The HCL Discover UI SDK client framework provides multiple security features to ensure that sensitive application and user data is safeguarded for transport or retained only in the client application.

Using controls that you can configure, you can define the specific set of data that is blocked or masked from transport to HCL Discover.

Sensitive data that was cleansed through the client framework never reaches HCL Discover, which ensures that your customer's interactions are secure.

Specifying Privacy Rules

HCL Discover enables the blocking of user input data by element ID, name, or xpath. Masks can be expressed as explicit strings, replacements for character types, or custom functions.

To specify a privacy rule, you must define:

The type of identifier.
The targets to which the rule applies.
The type of masking to apply to the targets.

Specifying the Identifier

The identifier for the target element.

This value is specified according to the idType value. In the configuration file, you can use a regular expression to specify matching identifiers. For example, the following target configuration matches all HTML identifiers that end with _pii.

message: {
	privacy: [
		{
			targets: [
			{
				id: { regex: ".+_pii$" }, 
				idType: -1
			},
			],
			"maskType": 3
		}
      ]
}

Specifying the maskType

The following table shows the different masking types and the output which would be achieved when masking the string HelloWorld123:


Value	Description	Masked Example
`1`	Value is blocked and replaced by an empty string.	`" "`
`2`	Value is blocked with a fixed string of `x`.	`xxxxx`
`3`	Value is masked according to the following parameters: a lowercase letter is replaced by `x`. an uppercase letter is replaced by `X`. a numeral is replaced by `9`. a non-alphanumeric value is replaced by `@`.	`XxxxxXxxxx999`
`4`	Custom function.	The replacement value returned by the custom function.

Specifying the idType

The following idType's are supported:


Value	Description
`-1`	HTML ID.
`-2`	xpath identifier.
`-3`	HTML name or other element attribute identifier.

Privacy Configuration Examples

Blocking all password input fields using a CSS selector.

message: {
		privacy: [
		{
			targets: [
				"input [type=password]"
			],
			maskType: 3
		}
    	],
    	...
}

Multiple maskTypes require separate targets.

message: {
	privacy: [
		{
			targets: [
				"input [type=password]"
			],
			maskType: 3
		},
		{
			targets: [
				{
					id: "cvv"
					idType: -1
				}
			],
			maskType: 1
		}
	],
	...
}

The following code block shows how you can combine different types of elements identified by id, idType, and CSS selectors

message: {
	privacy: [
		{
			targets: [
				{
					id: "cvv",
					idType: -1
				},
				{
					id: 
					{
						regex: "^creditCard.*",
						flags: "g"
					},
					idType: -1
				},
			"input[type=password]",
			".privacyData"
			],
			maskType: 1
		}
	],
	...
}