Sensitive Data Handler

  • Release version: Xanadu
  • Updated November 14, 2024

    During an Agent Chat or Virtual Agent conversation, the agent or requester may accidentally enter sensitive data. The Sensitive Data Handler detects and masks the sensitive data so it is not viewed by the agent or requester. The Sensitive Data Handler can also collect sensitive data as part of a business process, such as user authentication.

    Possible situations when the Sensitive Data Handler might detect and mask sensitive data include:
    • A requester enters sensitive data, such as a social security number, during a conversation with a live agent or virtual agent.
    • An agent enters company information, such as a manager's confidential email address, that the requester should not have access to.
    • A requester enters sensitive data in a pre-chat or post-chat survey.

    The Sensitive Data Handler detects and masks sensitive data when the requester is conversing through the chat widget, mobile (iOS/Android), or any of the supported adapter channels (SMS/Slack/Teams/Workplace).

    Figure: Agent Chat conversation window showing sensitive data being masked.

    You can configure the following:
    • Regular expressions for each type of sensitive data (for example, social security number or credit card number).
    • Whether sensitive data handling works only for inbound (from a requester) messages, outbound (from a live agent) messages, or both.
    • Messages that display to the requester or agent informing them that sensitive data has been masked.

    If the requester sends a message containing sensitive data to an agent, a system message is sent to the requester and agent notifying both that the message contained sensitive data. The sensitive data is masked on the transcript and marked as sensitive on the internal transcript.

    If an agent tries to send a message containing sensitive data to a requester, the message is not sent to the requester. Instead, an error is displayed to the agent and the message is tagged as sensitive in the internal transcript.

    The Sensitive Data Handler can be configured to pass user authentication information to another entity. The requester might provide sensitive data during a conversation to prove their identity (for example, social security number, date of birth, email address).

    The Sensitive Data Handler plugin [com.glide.sensitive_data_handling] can be installed by itself, without a Glide Virtual Agent or Agent Chat plugin. Regular expressions can be added, edited, and deleted from the Sensitive Data Handling module.

    Regular Expressions

    The base system of the Sensitive Data Handler comes with pre-defined regular expressions for credit/debit card numbers, social security numbers, and email addresses. When the Sensitive Data Handler detects text that matches a regular expression, it uses the defined masking pattern to mask the sensitive data. To define your own regular expressions and patterns to mask other sensitive data, see Configuring Sensitive Data Handler.

    If a regular expression is not properly configured, the system may get stuck while attempting to match the regular expression against the message. To prevent the system from getting stuck, the system times out after one second.

    Table 1. Pre-defined Regular Expressions

    Name: Credit Card - Visa
    Regular expression: \b4[0-9]{12}(?:[0-9]{3})?\b
    Details:
    • Card number starts with 4.
    • New card number has 16 digits, old card number has 13 digits.

    Name: Credit Card - American Express
    Regular expression: \b3[47][0-9]{13}\b
    Details:
    • Card number starts with 34 or 37.
    • Card number has 15 digits.

    Name: Credit Card - Mastercard
    Regular expression: \b(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}\b
    Details:
    • Card number starts with a number between 51-55 or 2221-2720.
    • Card number has 16 digits.

    Name: Credit Card - Diners Club
    Regular expression: \b3(?:0[0-5]|[68][0-9])[0-9]{11}\b
    Details:
    • Card number starts with 36, 38, or 300-305.
    • Card number has 14 digits.
    • Cards that start with 5 and have 16 digits should be processed like a MasterCard.

    Name: Credit Card - Discover
    Regular expression: \b6(?:011|5[0-9]{2})[0-9]{12}\b
    Details:
    • Card number starts with 65 or 6011.
    • Card number has 16 digits.

    Name: Social security number
    Regular expression: \b(?!666|000|9\d{2})\d{3}-(?!00)\d{2}-(?!0{4})\d{4}\b
    Details:
    • First 3 digits cannot be 000, 666, or 900-999.
    • Hyphen (-)
    • Middle 2 digits should be 01-99 and cannot be 00.
    • Hyphen (-)
    • Last 4 digits should be 0001-9999 and cannot be 0000.

    Name: Email
    Regular expression: \b[\w!#$%&'*+/=?`{|}~^-]+(?:\.[\w!#$%&'*+/=?`{|}~^-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}\b
    Details:
    • Word
    • Period (.)
    • Word
    • @ symbol
    • String of alphanumeric characters at least one character long.
    • Period (.)
    • Alphabetical string 2-6 characters long.
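
The following added example (not ServiceNow code) runs the Table 1 patterns over constructed chat messages and applies the inbound and outbound behaviour described above. The function names, the all-asterisk masking and the result shape are assumptions; the sample shows that the card patterns, as written, require contiguous digits, so a number typed with spaces passes through unmasked.

```javascript
// Added example: not ServiceNow code. Patterns are copied from Table 1;
// function names, result shape and masking style are assumptions.
const PATTERNS = [
  { name: 'Credit Card - Visa', re: /\b4[0-9]{12}(?:[0-9]{3})?\b/g },
  { name: 'Credit Card - American Express', re: /\b3[47][0-9]{13}\b/g },
  { name: 'Credit Card - Mastercard',
    re: /\b(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}\b/g },
  { name: 'Credit Card - Diners Club', re: /\b3(?:0[0-5]|[68][0-9])[0-9]{11}\b/g },
  { name: 'Credit Card - Discover', re: /\b6(?:011|5[0-9]{2})[0-9]{12}\b/g },
  { name: 'Social security number',
    re: /\b(?!666|000|9\d{2})\d{3}-(?!00)\d{2}-(?!0{4})\d{4}\b/g },
  { name: 'Email',
    re: /\b[\w!#$%&'*+\/=?`{|}~^-]+(?:\.[\w!#$%&'*+\/=?`{|}~^-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}\b/g },
];

// Assumed masking pattern: every character of a match becomes '*'.
function maskSensitive(text) {
  const types = [];
  let masked = text;
  for (const { name, re } of PATTERNS) {
    masked = masked.replace(re, (match) => {
      if (!types.includes(name)) types.push(name);
      return '*'.repeat(match.length);
    });
  }
  return { masked, types };
}

// Inbound (requester): deliver the masked text and report the matched types.
// Outbound (agent): do not send the message at all.
function handleMessage(text, direction) {
  const { masked, types } = maskSensitive(text);
  if (types.length === 0) return { action: 'deliver', text, types };
  if (direction === 'outbound') return { action: 'block', text: null, types };
  return { action: 'deliver_masked', text: masked, types };
}

// Constructed sample messages (test values, not real accounts).
const SAMPLES = [
  ['inbound', 'My card is 4111111111111111 and SSN 123-45-6789'],
  ['inbound', 'My card is 4111 1111 1111 1111'], // spaced digits: no pattern matches
  ['outbound', 'Ask my manager at boss@example.com'],
];
for (const [direction, message] of SAMPLES) {
  console.log(direction, JSON.stringify(handleMessage(message, direction)));
}
```

Running custom patterns through a harness like this against representative transcripts, including spaced and hyphenated variants, shows which inputs a configuration would miss before it is deployed.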