You can use Tealeaf to mask sensitive information to protect the data of users who interact with your website or mobile applications.
The information that follows explains how to mask sensitive information on the server-side of your Tealeaf solution. Server-side masking is one part of a concealment solution. See the Acoustic Developer Center documentation for more information about masking sensitive user input on the client-side.
The hit attribute can block and replace sensitive information. For masking to work, the event for which the hit attribute is a condition must fire.
What defines a hit attribute?
Hit attributes are defined by the following characteristics:
- The start and / or end patterns of strings
- A regular expression that is applied to found text.
The regular expression (regex) can enhance hit attribute filtering (match/privacy blocking/replacement) when start and end patterns do not isolate the target text completely.
- A specific string constant, like “SSN”
Note: A hit attribute can match either a start / end pattern, OR a specific string, but not both. You can apply a regular expression on either.
Mask sensitive data with hit attributes
Ideally, you never want sensitive data to be sent to Tealeaf. In most cases, you can block sensitive data through client-side configuration.
Server-side masking (implemented with hit attributes) is the mechanism for blocking /replacing content that was not blocked at the client side. The Web SDK on the client-side handles tagged content well, but can struggle with searching large chunks of text for complex patterns. Server-side masking serves as a "catch-all" for sensitive information that might not be stopped by client-side rules and configuration.
Let’s say the following error message was captured that includes a user’s social security number.
<form name="webform" action="form_submit method="get">
First Name: <input type="text" name="fname">
Last Name: <input type="text" name="lname" value="">
<font color="red">THIS IS A REQUIRED FIELD</font>
SSN: <input type="text" name=ssn value="012-34-567">
<input type="button" value="send_form">
To mask the social security number on the Tealeaf server side, you need to create and configure a Hit attribute.
The following example explains how to create and configure the Hit attribute to mask the SSN.
- Log in to Tealeaf.
- Select Event Manager.
- Select New Hit Attribute.
- Set the fields for the Hit attribute.
For example, set the following fields:
- Hit attribute name
- Enter a descriptive name for the Hit attribute. For example,
- Set Match to
- Set Use to
- Start tag
- For this example, you would enter the following value for the Start tag
<input type="text" name=ssn value="
- End tag
- For this example, you would enter the following value for the End tag:
- Block / Replace
- Select the check box for Block / Replace
- Block replacement
- For the Block replacement, you might enter the following text.
The expressions that you add to the Start tag and End tag is the text that encloses the SSN that is captured from the HTML in a DOM snapshot.
- Click Save to save the Hit attribute.
Consider the following items when masking sensitive data.
- The code for a web form can vary as follows.
Note: For any of these variations, the Start/End patterns would differ from the configuration settings that are specified in step 4.
You need to use a regular expression value to mask only the content of the value attribute.
Where everything inside of the parenthesis is masked with the value of the “Block replacement” field.
Note: The final double quotation mark can be in the regex only as a character that is looked for if the End pattern does not include the double quotation mark, for example,
Add the hit attribute as an event condition
After you configure and save the hit attribute to block and replace sensitive information, it's applied to incoming data automatically.
If you configure the hit attribute correctly, elements of sensitive information in the DOM snapshots that are captured by the configuration are sent to the Tealeaf UI as masked data, in the fashion that is specified when the DOM captures are viewed in a session replay.
The hit attribute configuration described here that matches against the "response" works equally well against DOM capture data, whether it be full DOM captures or DOM diffs.