Knowledge Base

Table of Contents

PII Handling

Personally Identifiable Information Handling

Customers sometimes unintentionally send in sensitive information like credit card numbers or National Identity numbers like social security numbers etc. 

Sparkcentral offers enterprises two options on how to handle such cases:

  1. Manual Message Masking
  2. Automatic Message Masking

 

Admins can enable this feature by navigating to Settings , Privacy & Security, PII Handling .

Manual Message Masking

Only Supervisors of a channel can execute Manual Message Masking. By doing so, it will mask the full text of inbound messages that contain unwanted sensitive information both in the conversation history UI as well as in the backend storage systems. Manual Message Masking will work on all channels, public and private.

  • Supervisors will see an option “Mask” in the Message-Action menu next to the message.
  • Upon clicking this “Mask” option, supervisors will be prompted to confirm the masking, click on Yes.
  • The entire message content will be replaced by “*” for each character in the message.
  • There will be a mask message audit trail, “Message content masked by {Supervisor Name}” with time-stamp.

Automatic Message Masking

Automatic Message Masking optionally masks unwanted sensitive information from Inbound Messages when they enter Sparkcentral. Each mask is defined as a pattern which automatically replaces matching text, before it is saved, and presented to Agents. 

It implements an automatic masking of sensitive information both in the conversation history UI as well as in the backend storage systems. Automatic Message Masking will work on all channels, public and private.

What agents see in the Conversation history?

  • For credit card numbers, the first 12 digits in the inbound text will be replaced with X, and the last four digits should be retained. e.g.,  XXXXXXXXXXXX1000
  • For US  social security numbers, the first 5 digits in the inbound text will be replaced with X, and the last four digits should be retained. e.g.,  XXXXX1120
  • If a customer sends in a credit card or US social security number with spaces in between, it will still be detected, and masked. (Single Spaces , Dashes)

How does the automatic masking work?

Whenever Sparkcentral receives a message from a user, we will automatically check these messages for the above cases. 

  • Credit Card Number: we check the number in the message with Luhn’s algorithm to verify whether it is indeed a Credit Card Number and not a series of numbers.
  • Social Security Number: these are constructed with a specific format (3 digits, an optional space or dash, 2 digits, an optional space of dash and finally 4 digits). This is what our system looks for behind the scenes.

Was this article helpful?

You already voted!

We're always happy to help you ❤️!

Did you know you could help us too?

We love feedback from our users. It’s incredibly important for our business. That’s why a positive recommendation from your company could really make a difference!