Policy Definition
Policy configuration used by the AI Developer Edition API Service.
The superuser has all permissions, that is, protect, unprotect, and reprotect operations. Users assigned the admin role will receive protected data when performing an unprotect operation, except in the case of the text data elements, which will return null. All other user roles will receive null as the output for any unprotect operation.
Generic Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| datetime | Tokenization | A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - This data element is required. | N/A | N/A | N/A | No | ✓ | X | X | X | X | ✓ | X | X |
| datetime_yc | Tokenization | A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - This data element is required. Leaves the year in the clear. | N/A | N/A | N/A | No | ✓ | X | X | X | X | ✓ | X | X |
| int | Tokenization | An integer string (4 bytes). | Numeric | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| number | Tokenization | A numeric string. May produce leading zeroes. | Numeric | Yes | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| string | Tokenization | An alphanumeric string. | Latin + Numeric | Yes | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| text | Encryption | A long string, such as a comment field using any character set. Use hex or base64 encoding to utilize. | All | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| fpe_numeric | FPE (Format Preserving Encryption) | Encrypts numeric data using FPE NIST 800-38G standard. Preserves length and uses Numeric (0-9) as plaintext and ciphertext alphabet. | Numeric | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| fpe_alpha | FPE (Format Preserving Encryption) | Encrypts alphabetic data using FPE NIST 800-38G standard. Preserves length and uses Alpha (a-z, A-Z) as plaintext and ciphertext alphabet. | Alpha | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| fpe_alphanumeric | FPE (Format Preserving Encryption) | Encrypts alphanumeric data using FPE NIST 800-38G standard. Preserves length and uses Alpha-Numeric (0-9, a-z, A-Z) as plaintext and ciphertext alphabet. | Alpha-Numeric | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| fpe_latin1_alpha | FPE (Format Preserving Encryption) | Encrypts alphabetic data using FPE NIST 800-38G standard. Preserves length and uses Unicode, such as Basic Latin and Latin-1 Supplement Alpha as plaintext and ciphertext alphabet. | Unicode (Basic Latin + Latin-1 Supplement Alpha) | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| fpe_latin1_alphanumeric | FPE (Format Preserving Encryption) | Encrypts alphanumeric data using FPE NIST 800-38G standard. Preserves length and uses Unicode, such as Basic Latin and Latin-1 Supplement Alpha-Numeric as plaintext and ciphertext alphabet. | Unicode (Basic Latin + Latin-1 Supplement Alpha-Numeric) | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| mask | Masking | Mask all the characters in the input; output is configured as the mask. It is set to "mask". | N/A | N/A | N/A | N/A | ✓ | X | X | X | X | ✓ | X | X |
| no_encryption | No Encryption | No encryption applied to the data element. | N/A | N/A | N/A | N/A | ✓ | X | X | X | X | ✓ | X | X |
| short | Tokenization | Protect or unprotect a 2-byte integer string. | Numeric | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
| long | Tokenization | Protect or unprotect an 8-byte integer string. | Numeric | Yes | Yes | Yes | ✓ | X | X | X | X | ✓ | X | X |
PCI DSS Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| ccn | Tokenization | Credit card numbers. | Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| ccn_bin | Tokenization | Credit card numbers. Leaves 8-digit BIN in the clear. | Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| iban | Tokenization | IBAN numbers. Preserves the length, case, and position of the input characters but may create invalid IBAN codes. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | ✓ | X | X | X | ✓ |
| iban_cc | Tokenization | IBAN numbers. Leaves letters in the clear. | Latin + Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
Generic PII Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| address | Tokenization | Street names | Latin + Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| city | Tokenization | Town or city name | Latin | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| Tokenization | Email address. Leaves the domain in the clear. | Latin + Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ | |
| nin | Tokenization | National Insurance Number. Preserves the length, case, and position of the input characters but may create invalid NIN codes. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | X | X | X | X | X |
| name | Tokenization | Person's name | Latin | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| passport | Tokenization | Passport codes. Preserves the length, case, and position of the input characters but may create invalid passport numbers. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | X | X | X | X | X |
| phone | Tokenization | Phone number. May produce leading zeroes. | Latin + Numeric | Yes | No | Yes | ✓ | X | X | X | X | X | X | X |
| postcode | Tokenization | Postal codes with digits and characters. Preserves the length, case, and position of the input characters but may create invalid post codes. | Latin + numeric | Yes | Yes | No | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| ssn | Tokenization | Social Security Number (US) | Latin + Numeric | Yes | No | Yes | ✓ | X | X | X | X | X | X | X |
| zipcode | Tokenization | Zip codes with digits only. May produce leading zeroes. | Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
PII Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| address_de | Tokenization | Street names (German) | Latin + German + Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| address_fr | Tokenization | Street names (French) | Latin + French + Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| city_de | Tokenization | Town or city name (German) | Latin + German | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| city_fr | Tokenization | Town or city name (French) | Latin + French | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| name_de | Tokenization | Person's name (German) | Latin + German | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| name_fr | Tokenization | Person's name (French) | Latin + French | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
LEGEND
- eIV: External IV
- LP: Length Preservation
- PP: Position Preservation
- P: User group can protect data
- U: User group can unprotect data
Feedback
Was this page helpful?