Sensitive Data Obfuscation

One strategy Apptentive offers to help prevent sensitive data from being sent from end consumers is though regex obfuscation. This guide is an overview of what regex obfuscation is, how it works, and how it can be implemented on Apptentive.

What is Regex Obfuscation?

The word “regex” is shorthand for “regular expression”, which, at its most basic, is a pattern of characters. Regex is useful because it can be used to create rules based on those patterns.

Regex obfuscation means that we detect data that fits those defined regex patterns, then obfuscate it, redacting it before anything is transferred to Apptentive’s servers.

For example, you could create a rule that says: redact the characters whenever a customer enters 9 digits in a row separated by dashes (like 123-45-6789). This could be one method to help prevent your customers from sharing social security numbers.

How It Works

Once enabled, all open-ended Survey responses and Message Center messages sent over HTTPS to Apptentive for ingestion will be searched for regex matches moving forward. If any matches are found, all matched strings will be replaced with the text “<REDACTED>” in the actual Survey text response and/or Message Center messages to be saved.

This change will impact all apps and Dashboards that are part of your organization, including both Apptentive for Mobile apps as well as Apptentive for Web apps.

No matched strings are saved in our databases or persisted in logs themselves. Only the replaced string “<REDACTED>” will be saved and visible.

Important: There are no reversal or lookup options to see the original data once it has been redacted. There are also no SDK updates required to use this feature since this is a server-side implementation.

Using Regex Obfuscation

If you’d like to explore using this feature for your organization, please contact your Account Manager or reach us here and we can point you in the right direction. This feature is reserved for Enterprise level customers.

In order to use this feature, we ask your assistance with two things. First, that you define the regex patterns that you’d like obfuscated. Second, that you help test to ensure that obfuscation is working as expected once those phrases have been blocked.

Testing is crucial as any strings that fit the defined patterns will be redacted, and once redacted, the data cannot be retrieved. If the expressions are too broad or not thoughtfully constructed, this can inadvertently cause data loss.

Have questions or need help? We’re here to help. Feel free to contact us.

Updated on August 19, 2020

Was this article helpful?

Related Articles