Masking Personal Identifiable Information (PII) data

As part of GDPR support, application masks the individual's personal sensitive information so that the log tracing does not show this information in the log files.

The application masks the values of PII attributes (for example, @EMailID, @AlternateEmailId, and @CustomerEMailID) available in the input and output XMLs that appear in the log files. These attributes are replaced with the string --masked--.

The application provides following log4j1 layout filters to mask the sensitive PII data.

  1. PIIXMLFilter - To mask the PII data available in the input or output XMLs that appears in the API or Service log files.
  2. SPIIFilter - To mask the sensitive PII data that appears in the API or Service log files.

The PIIXMLFilter layout filter replaces the values of the following XML attributes in the API or Service log files with the string --masked--:

Table 1. List of attributes For PIIXMLFilter
Attribute Category Attribute Name
Personal Details @FirstName, @LastName, @CustomerFirstName, @CustomerLastName
Contact Address @AddressLine1, @AddressLine2, @AddressLine3
Contact Email @EMailID, @AlternateEmailID, @CustomerEMailID, @EmailAddress, @EmailId
Contact Phone Number @DayPhone, @EveningPhone, @MobilePhone, @OtherPhone, @CustomerPhoneNo, @DayFaxNo, @EveningFaxNo
Credit or Debit Card Details @CreditCardExpDate, @CreditCardName, @CreditCardNo, @DebitCardNo
Account and Payment Details @CustomerAccountNo, @PrimaryAccountNo, @SvcNo, @PaymentReference1, @PaymentReference2, @PaymentReference3

The SPIIFilter layout filter replaces the values for the following keywords in the API or Service log files with the string *--masked--*:

Table 2. List of keywords For SPIIFilter
Keyword Category Keyword Name
Credit or Debit Card and Account Details Password, CVV, CreditCardNo, DebitCardNo, SvcNo, CustomerAccountNo, PrimaryAccountNo
Login Details LOGINID, USER_ID

The paymentFilter is the default layout filter.

Note: If you are using customized the log4j1 configuration XML file with a different layout filter than the paymentFilter, then you need to assess the filter patterns that are provided in the PIIXMLFilter and SPIIFilter layout filters and also include them in your layout filter by making the following changes in file: