Masking Personal Identifiable Information (PII) data

As part of GDPR support, IBM® Sterling Order Management System masks the individual's personal sensitive information so that the log tracing does not show this information in the log files.

IBM Sterling Order Management System masks the values of PII attributes (for example, @EMailID, @AlternateEmailId, and @CustomerEMailID) available in the input and output XMLs that appear in the log files. These attributes are replaced with the string --masked--.

IBM Sterling Order Management System provides following log4j2 layout filters to mask the sensitive PII data.

PIIXMLFilter - To mask the PII data available in the input or output XMLs that appears in the API or Service log files.
SPIIFilter - To mask the sensitive PII data that appears in the API or Service log files.

The PIIXMLFilter layout filter replaces the values of the following XML attributes in the API or Service log files with the string --masked--:

Table 1. List of attributes For PIIXMLFilter
Attribute Category	Attribute Name
Personal Details	`@FirstName`, `@LastName`, `@CustomerFirstName`, `@CustomerLastName`
Contact Address	`@AddressLine1`, `@AddressLine2`, `@AddressLine3`
Contact Email	`@EMailID`, `@AlternateEmailID`, `@CustomerEMailID`, `@EmailAddress`, `@EmailId`
Contact Phone Number	`@DayPhone`, `@EveningPhone`, `@MobilePhone`, `@OtherPhone`, `@CustomerPhoneNo`, `@DayFaxNo`, `@EveningFaxNo`
Credit or Debit Card Details	`@CreditCardExpDate`, `@CreditCardName`, `@CreditCardNo`, `@DebitCardNo`
Account and Payment Details	`@CustomerAccountNo`, `@PrimaryAccountNo`, `@SvcNo`, `@PaymentReference1`, `@PaymentReference2`, `@PaymentReference3`

The SPIIFilter layout filter replaces the values for the following keywords in the API or Service log files with the string *--masked--*:

Table 2. List of keywords For SPIIFilter
Keyword Category	Keyword Name
Credit or Debit Card and Account Details	Password, CVV, CreditCardNo, DebitCardNo, SvcNo, CustomerAccountNo, PrimaryAccountNo
Login Details	LOGINID, USER_ID

The paymentFilter is the default layout filter for IBM Sterling Order Management System. IBM Sterling Order Management System deployment script includes PIIXMLFilter and SPIIFilter to the paymentFilter so that the PIIXMLFilter and SPIIFilter filter patterns are also applied by default on all IBM Sterling Order Management System environments.

Note: If you are using the customized log4j2 configuration XML file with a different layout filter than the paymentFilter, then you need to assess the filter patterns that are provided in the PIIXMLFilter and SPIIFilter layout filters and also include them in your layout filter by making the following changes in the customer_overrides.properties file:

logfilter.filterset.<custom_filter>.includes=PIIXMLFilter,SPIIFilter