Data Privacy and Blocking Sensitive Data
The HCL Discover UI SDK client framework provides multiple security features to ensure that sensitive application and user data is safeguarded for transport or retained only in the client application.
Using controls that you can configure, you can define the specific set of data that is blocked or masked from transport to HCL Discover.
Sensitive data that was cleansed through the client framework never reaches HCL Discover, which ensures that your customer's interactions are secure.
Specifying Privacy Rules
HCL Discover enables the blocking of user input data by element ID, name, or xpath. Masks can be expressed as explicit strings, replacements for character types, or custom functions.
- The type of identifier.
- The targets to which the rule applies.
- The type of masking to apply to the targets.
Specifying the Identifier
The identifier for the target element.
This value is specified according to the idType value. In the configuration file, you
can use a regular expression to specify matching identifiers. For example, the
following target configuration matches all HTML identifiers that end with
_pii
.
message: {
privacy: [
{
targets: [
{
id: { regex: ".+_pii$" },
idType: -1
},
],
"maskType": 3
}
]
}
Specifying the maskType
The following table shows the different masking types and the output which would be achieved when masking the string HelloWorld123:
Value | Description | Masked Example |
---|---|---|
1 | Value is blocked and replaced by an empty string. | " " |
2 | Value is blocked with a fixed string of x. | xxxxx |
3 | Value is masked according to the following parameters:
|
XxxxxXxxxx999 |
4 | Custom function. | The replacement value returned by the custom function. |
Specifying the idType
The following idType's are supported:
Value | Description |
---|---|
-1 | HTML ID. |
-2 | xpath identifier. |
-3 | HTML name or other element attribute identifier. |
Privacy Configuration Examples
Blocking all password input fields using a CSS selector.
message: {
privacy: [
{
targets: [
"input [type=password]"
],
maskType: 3
}
],
...
}
Multiple maskTypes require separate targets.
message: {
privacy: [
{
targets: [
"input [type=password]"
],
maskType: 3
},
{
targets: [
{
id: "cvv"
idType: -1
}
],
maskType: 1
}
],
...
}
The following code block shows how you can combine different types of elements identified by id, idType, and CSS selectors
message: {
privacy: [
{
targets: [
{
id: "cvv",
idType: -1
},
{
id:
{
regex: "^creditCard.*",
flags: "g"
},
idType: -1
},
"input[type=password]",
".privacyData"
],
maskType: 1
}
],
...
}