IBM Support

Creating Privacy Rules in the Tealeaf UI Capture SDK

Question & Answer


Question

An introduction to creating privacy rules to mask sensitive data in the Tealeaf UI Capture SDK

Answer

IMPORTANT: the Tealeaf UI Capture SDK should be configured, tested, and validated by IBM Professional Services or by an approved IBM Business Partner before use in a production environment. The documentation on this page is provided as is by the IBM Tealeaf support team as a resource for training and enablement. It is not a substitute for engaging a professional.

This document is intended to assist customers and business partners in adding Tealeaf privacy rules in Tealeaf UI Capture SDK (hereafter, UIC).
 

Overview of the privacy rule creation process

Step 1: analyze the elements on the website which need to be masked

Identify the fields on your website which require masking and make a note of their identifiers, which we will use when creating the privacy rules for masking.


Step 2: build a new rule and add it to the UIC

Add the new rule(s) to the privacy section of the UIC configuration, as in the example below:
  
  message: {      privacy: [          { "targets": [              { id : "ap_email", idType : -1 },              { id : "ap_password", idType : -1 }              ],          "maskType": 2 // Mask with XXXXX }          ]      },

When you have finished, save the file.


Step 3: Test and Validate

It is essential to test the new UIC using Fiddler and your test or QA environment before rolling out to production on the live website. You should also validate that masking is now occurring as expected when replaying sessions in Tealeaf.

User-added image
Video - creating a privacy rule in the Tealeaf UI Capture SDK (10mins, mp4, 33 MB)

Privacy Selector Examples

A selector consists of either:
 

(1) an identifier and identifier type

Available types are:

idType: -1: HTML ID
idType: -2: XPath
idType: -3: HTML name or other element attribute identifier
  
  // Selects the element with id "ssn"  { id: "ssn", idType: -1 }    // Selects an element from its XPath  { id: '[["registryInfor"],["div",0],["div",1],["input",0]]', idType: -2 }    // Selects all elements including "privacy=yes"  { id: "privacy=yes", idType: -3 }    Regex can also be used, including as a way to allowlist:    // Selects all elements whose id ends with "_pii"   { id: { regex: ".+_pii$" }, idType: -1 }    // Select all elements except those with ids that start with phone, Phone, promo  {id: { regex: "^((?![Pp]hone|promo).)*$" }, idType: -1}
 

or, (2) a CSS selector

  // Selects element with id "surname"  "#surname"    // Selects all input elements with type "password"  "input[type=password]"    // Selects all elements of type "email"  "[type=email]"    // Selects all elements of class "captcha"  ".captcha"    // Selects all input elments whose id begins with "customer"  input[id^=customer]"    // Selects all elements whose id ends with "password"  "[id$=password]"    // Selects all elements whose id contains substring "pwd"  "[id*=pwd]"
 

Privacy Mask Types

A maskType can then be chosen to apply to the target(s).

There are four mask types:

maskType1: the selected value is set to an empty string
maskType2: the selected value is replaced with the fixed string "XXXXX"
maskType3: the selected value is replaced by a mask where:

Lowercase characters are replaced by "x"
Uppercase characters are replaced by "X"
Numbers are replaced by "9"
Symbols are replaced by "@"
HelloWorld!23 therefore becomes XxxxxXxxxx@99

maskType4: the selected value is replaced by the value returned by a custom JavaScript function. Used in conjuction with the "maskFunction" parameter.

Selectors are grouped into lists of targets, each with a maskType:
  
  privacy: [{            targets: [         "input[type=password]",         ".captcha",         "#surname",         { "id": "txtBusinessName", idType: -1 }         ],         "maskType": 2     }, {              targets: [         { id: { regex: ".+_pii$" }, idType: -1 },         "#email"         ],         "maskType": 4, // Masks with SHA256 hash         "maskFunction": "forge_sha256" // Function can also be inline here  }]
 

Privacy using blockedElements

The blockedElements parameter specifies a set of elements for which no user interaction is captured at all. No user interaction will be reported for both any specified element and any child elements.

Elements are specified as a comma separated list of CSS selectors in a section directly under the "core" section:
  
  core: {      blockedElements: [          "#cust-chat",           "#vip-cust-chat"      ],
This example blocks two similar customer chat popup windows. The windows themselves will still be captured as part of the DOM snapshots, but all interactions with them, including any typing, will not be captured. This is more efficient than capturing the information and then having to block it using privacy rules.

Warning: blockedElements are evaluated for each interaction event. Specifying inefficient CSS selectors can cause performance issues.

 

[{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSERNK","label":"Tealeaf Customer Experience"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
13 March 2019

UID

ibm10747269

Page Feedback