Permissions

Definition

View

View permission is a user or role-based control that determines whether an individual can access and view unmasked sensitive data classified as PII.

Create

The Create permission determines whether a user or role has the ability to define, configure, or apply new masking rules and policies for PII data within a system. This permission is critical for ensuring that masking is implemented securely and consistently across sensitive data.

Edit

The Edit permission allows users or roles to modify existing masking rules, policies, or configurations related to protecting PII data. The permission ensures that only authorized personnel can update how sensitive data is masked, balancing flexibility with security.

Delete

This permission allows authorized users or roles to remove existing masking rules, policies, or configurations. This permission is critical and must be tightly controlled, as deleting masking rules can expose sensitive PII data, and impact with compliance with data privacy regulations.

Parameter Name

Description

Name

Name of the masking template.

Description

Provides a brief description of the Masking Template.

Enable for voice Channels

Enable this toggle if masking needs to be enabled for voice interactions. The toggle remains disabled if the masking is enabled for digital messages.

Message Conditions

​

Defines various conditions based on which messages are filtered that require masking.

• Where: Depending upon whether the Enable for voice Channels toggle is enabled or disabled, various options will get populated in the Accounts dropdown. If enabled, voice accounts will get populated, else digital social accounts will apear in the dropdown.

• + Add Condition: Clicking on this will populate another row of filters next to AND to Select Attribute, Operator and Values. You can select one of the following attributes from the Select Attribute dropdown:

  • Message Type: Defines the type of messages you want to mask.

  • Channels: Masks messages from a specific channel.

  • In Fan Post: Checking on True will mask the Fan messages. Checking False will mask the Brand messages instead.

Users/User Groups

Using User/User Groups you can select with whom you want to share the masking details.

Parameter Name

Description

Approach

• AI Based: These techniques ensure privacy, compliance, and security across customer interactions. AI Based Masking is supported for English, French, Italian, German, Arabic and Urdu languages. Once the AI Based toggle is enabled, you can view the following two options:

  • Entities: Following is a list of fifty entities supported in AI-Based Masking

    • PREFIX – Prefix

    • PHONEIMEI - Phone IMEI  

    • USERNAME - Username  

    • GENDER - Gender  

    • URL - URL  

    • JOBAREA - Job Area  

    • EMAIL - Email  

    • JOBTYPE - Job Type  

    • COMPANYNAME - Company Name  

    • JOBTITLE - Job Title  

    • STREET - Street  

    • SECONDARYADDRESS - Secondary Address  

    • COUNTY - County  

    • AGE - Age  

    • USERAGENT - User Agent  

    • ACCOUNTNAME - Account Name  

    • ACCOUNTNUMBER - Account Number  

    • CURRENCYSYMBOL - Currency Symbol  

    • AMOUNT - Amount  

    • CREDITCARDISSUER - Credit Card Issuer  

    • CREDITCARDNUMBER - Credit Card Number  

    • CREDITCARDCVV - Credit Card CVV  

    • PHONENUMBER - Phone Number  

    • SEX - Sex  

    • IP - IP Address  

    • ETHEREUMADDRESS - Ethereum Address  

    • BITCOINADDRESS - Bitcoin Address  

    • MIDDLENAME - Middle Name  

    • IBAN - International Bank Account Number  

    • VEHICLEVRM - Vehicle VRM Code  

    • DOB - Date of Birth  

    • PIN - Credit Card Pin  

    • CURRENCY - Currency  

    • PASSWORD - Password  

    • CURRENCYNAME - Currency Name  

    • LITECOINADDRESS - Lite Coin Address  

    • CURRENCYCODE - Currency Code  

    • BUILDINGNUMBER - Building Number  

    • ORDINALDIRECTION - Ordinal Direction  

    • MASKEDNUMBER - Masked Number  

    • ZIPCODE - Zip Code  

    • BIC - Bank Identification Code  

    • IPV4 - IPV4 Address  

    • IPV6 - IPV6 Address  

    • MAC - MAC Address  

    • NEARBYGPSCOORDINATE - GPS Coordinate  

    • VEHICLEVIN - Vehicle VIN  

    • EYECOLOR - Eye Color  

    • HEIGHT - Height  

    • SSN - Social Security Number 

  • Exempt Words: These words are recognized by the AI as non-sensitive and are allowed to remain visible even if they resemble entities typically masked (For example, names, locations, or numbers). You also have an option to add an attachment either in the form of csv or xls.

  ​

• Regex Based: This masking technique refers to the use of Regular Expressions (Regex) to identify and obscure sensitive information by matching specific patterns in text. This technique provides a precise and customizable way to detect personally identifiable information (PII) like phone numbers, email addresses, credit card numbers, or other sensitive data formats. For example, a regex pattern for a credit card could be consecutive 16 digits. Here are few examples with some common regex:  

  • Example 1: n digit consecutive number in a message. Regex - \b\d{n}\b 

    The message is "My phone number is +91 1234567890", then the regex \b\d{10}\b will identify 1234567890 as PII.

  • Example 2: Credit Card Numbers in the format XXXX-XXXX-XXXX-XXXX. Regex - \b\d{4}-\d{4}-\d{4}-\d{4}\b  

    The message is "My credit card number is 1234-5678-1234-5678", then the regex will identify 1234-5678-1234-5678 as PII. 

Mask after time

Select the condition that determines the time to perform masking. From the dropdown, you can select one of the following:

• Message Creation Time: Refers to the timestamp at which a message or piece of content is created or received in the platform. The masking gets triggered after this.

• Call Disconnect Time: The Call Disconnect Time in PII Masking refers to the time period after a call has ended during which any data associated with the call is masked or removed from the system. This parameter ensures that sensitive data, such as phone numbers, credit card details, or personal information shared during a conversation, is not stored in logs or recordings beyond a defined time frame.

• Trigger On-Demand: Sometimes if you want to use the Create Masking Template to manually trigger masking in some cases through Rule Engine, then you can use Trigger On-Demand.

Masking Character

• A Masking Character refers to the symbol or character used to replace sensitive portions of data to ensure that personal information is protected while retaining the overall structure of the data. For example, if an email address johndoe@example.com is masked using a masking character *, it might appear as ****doe@**********.

Type

There are two types of Masking that are supported in Sprinklr:

• Permanent: Refers to the irreversible process of obfuscating sensitive information (such as email addressses, phone numbers, or other Personally Identifiable Information) so that the original data cannot be retrieved or restored after masking.

• Conditional: Refers to the process of masking information based on predefined rules or conditions. This ensures that Personally Identifiable Information (PII) is masked only when certain criteria are met, allowing for more dynamic and context-aware data protection. For example, if you want to mask a certain data but you also want certain users in the platform to get a view of that masked data, like in legal cases, where a legal team can access certain part of a call when a lawsuit is filed by the user.

Additional Settings

Mask Audio: Parts of an audio recording containing sensitive information (For example, names, phone numbers, credit card details) are automatically detected and masked (muted or replaced with silence/beep sounds) during or after the conversation if the Mask Audio toggle is enabled.

​