Personally identifiable information (PII), or sensitive personal information (SPI), refers to information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Some examples of PII include Social Security Number, email address, credit card numbers, passport number, home address, and so forth.
Kore.ai allows you to redact any sensitive information that users share with your bots. When you enable redaction for an information type, you can transform its value into a pattern that doesn’t contain comprehensible data. Any end user input that matches the PII pattern gets redacted by the platform in the context object, chat logs and all other places.
There are a few scenarios where the original value can be used to achieve the business needs.
- If a PII value is used in Dialog Task transitions, the platform automatically uses the original value for the transition condition evaluation.
- If a PII value is used in the Service Node definition, the platform uses the redacted value by default to make the service calls. You can choose to send the original data using the ‘De-identification of PII data’ configuration of the Service Node. Refer to the Service Node post for more details
- You may use the Redaction of PII Data configuration of the Entity Nodes to present the original values of an redacted entity value to the users. Refer to the Entity Node post for more details.
The platform provides the following three modes to redact specified information types:
Option | Description | Example |
---|---|---|
Redaction | Replaces the data with a unique random alphanumeric value | An email address entered gets replaced with a random value such as jjh4ezb2 |
Replacement | Replaces the data with a static value that you enter in the PII Redaction settings. | If the static value entered is asdf1234, any email address entered is replaced with asdf1234 |
Mask with Character | Replaces the first few and last few characters of the data with ‘+’ or ‘#’ symbols. You can select the number of characters to mask as well as the symbol for masking. | If you configure the first four and last four characters to be masked with ‘+’, an email address such as helpdocs@kore.ai gets redacted as ++++docs@kor++++ |
How to Redact
- Open the bot for which you want to configure the PII settings.
- Select the Build tab from the top menu.
- From the left menu, click Configuration -> PII Settings.
- The PII Redaction page opens.
- If PII Redaction isn’t enabled for the bot, toggle the switch to Yes. The page now shows a list of information types whose redaction settings are configured by default.
- To activate the redaction of any of these out-of-the-box information types, toggle the switch next to them to Enable. To edit their redaction settings, click their name.
- To configure redaction settings for any other information types, click Add New on the top-right side of the PII Redaction page.
Configuration Fields
Field | Description |
---|---|
Information Type | Enter a name for the information type you want to secure, for example, Credit Card Number. |
Definition | Enter a regular expression for recognizing the information type from user entries. For example, a regex value for a Visa credit card could be similar to ^4[0-9]{12}(?:[0-9]{3})?$ |
Map Entities | Map all the entities in the bot’s Dialog tasks that correspond to the information type. Note: If you do not map entities corresponding to redacted information types, even valid user entries for those entities cause errors in the dialog tasks. For example, let’s say you have enabled redaction for email information type. When a user enters an email address for a bot entity, the platform immediately redacts the information even before the entity node captures it, as emails are set up for redaction. The entity node then receives redacted data, and since the entity is not mapped in the redaction settings, it assumes the redacted value as an invalid email entry. Whereas, if you map the entity in the redaction settings, the entity recognizes the data redacted and accepts it. |
Display Type |
Select one of these modes to display the redacted data anywhere in the platform: Redaction, Replacement, Mask with Character. Note: The value displayed would be prefixed with a platform generated random unique identifier. This is the key used internally to retrieve the original value in case of conditional transitions etc.. |