Masking
Mask sensitive field values while retaining the formatting criteria
Objective
A technique commonly used by dynamic data masking within the RDBMS.
On-the-fly data obfuscation rules are executed on the source data event to enable PII data.
Certain fields are replaced with a mask character (such as an ‘XXX’). This removes the actual content while preserving the same formatting.
Example & DSL attributes
This code defines an obfuscation strategy named numberMasking
. It applies to the creditcard
field and uses the following masking:
pattern The credit card number is displayed as
XXXX XXXX XXXX 1234
, where only the last four digits are visible.mask The
*
character is used to mask the other digits.
This ensures that the credit card number is partially hidden, showing only the last four digits.
Attributes schema
Attribute | Description | Data Type | Required |
---|---|---|---|
mask | Replacement character to be applied | Char Default: * | |
pattern | Masking pattern to be applied to source string value | String | |
apply to all | Boolean to inform if all characters need to be replace using the mask value (true) or to apply pattern (false). | Boolean Default: false |
Last updated