Policy Definition

Policy configuration used by the AI Developer Edition API Service.

The superuser has all permissions, that is, protect, unprotect, and reprotect operations. Users assigned the admin role will receive protected data when performing an unprotect operation, except in the case of the text data elements, which will return null. All other user roles will receive null as the output for any unprotect operation.

Generic Data Elements

Data Element	Method	Use Case	UTF Set	LP	PP	eIV	Role
							Admin		Finance		Marketing		HR
							P	U	P	U	P	U	P	U
datetime	Tokenization	A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - This data element is required.	N/A	N/A	N/A	No	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
datetime_yc	Tokenization	A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - This data element is required. Leaves the year in the clear.	N/A	N/A	N/A	No	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
int	Tokenization	An integer string (4 bytes).	Numeric	No	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
number	Tokenization	A numeric string. May produce leading zeroes.	Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
string	Tokenization	An alphanumeric string.	Latin + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
text	Encryption	A long string, such as a comment field using any character set. Use hex or base64 encoding to utilize.	All	No	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
fpe_numeric	FPE (Format Preserving Encryption)	Encrypts numeric data using FPE NIST 800-38G standard. Preserves length and uses Numeric (0-9) as plaintext and ciphertext alphabet.	Numeric	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
fpe_alpha	FPE (Format Preserving Encryption)	Encrypts alphabetic data using FPE NIST 800-38G standard. Preserves length and uses Alpha (a-z, A-Z) as plaintext and ciphertext alphabet.	Alpha	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
fpe_alphanumeric	FPE (Format Preserving Encryption)	Encrypts alphanumeric data using FPE NIST 800-38G standard. Preserves length and uses Alpha-Numeric (0-9, a-z, A-Z) as plaintext and ciphertext alphabet.	Alpha-Numeric	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
fpe_latin1_alpha	FPE (Format Preserving Encryption)	Encrypts alphabetic data using FPE NIST 800-38G standard. Preserves length and uses Unicode, such as Basic Latin and Latin-1 Supplement Alpha as plaintext and ciphertext alphabet.	Unicode (Basic Latin + Latin-1 Supplement Alpha)	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
fpe_latin1_alphanumeric	FPE (Format Preserving Encryption)	Encrypts alphanumeric data using FPE NIST 800-38G standard. Preserves length and uses Unicode, such as Basic Latin and Latin-1 Supplement Alpha-Numeric as plaintext and ciphertext alphabet.	Unicode (Basic Latin + Latin-1 Supplement Alpha-Numeric)	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
mask	Masking	Mask all the characters in the input; output is configured as the mask. It is set to "mask".	N/A	N/A	N/A	N/A	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
no_encryption	No Encryption	No encryption applied to the data element.	N/A	N/A	N/A	N/A	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
short	Tokenization	Protect or unprotect a 2-byte integer string.	Numeric	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ
long	Tokenization	Protect or unprotect an 8-byte integer string.	Numeric	Yes	Yes	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	✓	Ｘ	Ｘ

PCI DSS Data Elements

Data Element	Method	Use Case	UTF Set	LP	PP	eIV	Role
							Admin		Finance		Marketing		HR
							P	U	P	U	P	U	P	U
ccn	Tokenization	Credit card numbers.	Numeric	No	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	X	Ｘ	✓
ccn_bin	Tokenization	Credit card numbers. Leaves 8-digit BIN in the clear.	Numeric	No	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	X	Ｘ	✓
iban	Tokenization	IBAN numbers. Preserves the length, case, and position of the input characters but may create invalid IBAN codes.	Latin + Numeric	Yes	Yes	No	✓	Ｘ	Ｘ	✓	Ｘ	X	Ｘ	✓
iban_cc	Tokenization	IBAN numbers. Leaves letters in the clear.	Latin + Numeric	No	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	X	Ｘ	✓

Generic PII Data Elements

Data Element	Method	Use Case	UTF Set	LP	PP	eIV	Role
							Admin		Finance		Marketing		HR
							P	U	P	U	P	U	P	U
address	Tokenization	Street names	Latin + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	Ｘ	Ｘ	✓
city	Tokenization	Town or city name	Latin	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
email	Tokenization	Email address. Leaves the domain in the clear.	Latin + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
nin	Tokenization	National Insurance Number. Preserves the length, case, and position of the input characters but may create invalid NIN codes.	Latin + Numeric	Yes	Yes	No	✓	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ
name	Tokenization	Person's name	Latin	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
passport	Tokenization	Passport codes. Preserves the length, case, and position of the input characters but may create invalid passport numbers.	Latin + Numeric	Yes	Yes	No	✓	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ
phone	Tokenization	Phone number. May produce leading zeroes.	Latin + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ
postcode	Tokenization	Postal codes with digits and characters. Preserves the length, case, and position of the input characters but may create invalid post codes.	Latin + numeric	Yes	Yes	No	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
ssn	Tokenization	Social Security Number (US)	Latin + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ	Ｘ
zipcode	Tokenization	Zip codes with digits only. May produce leading zeroes.	Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓

PII Data Elements

Data Element	Method	Use Case	UTF Set	LP	PP	eIV	Role
							Admin		Finance		Marketing		HR
							P	U	P	U	P	U	P	U
address_de	Tokenization	Street names (German)	Latin + German + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	Ｘ	Ｘ	✓
address_fr	Tokenization	Street names (French)	Latin + French + Numeric	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	Ｘ	Ｘ	✓
city_de	Tokenization	Town or city name (German)	Latin + German	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
city_fr	Tokenization	Town or city name (French)	Latin + French	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
name_de	Tokenization	Person's name (German)	Latin + German	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓
name_fr	Tokenization	Person's name (French)	Latin + French	Yes	No	Yes	✓	Ｘ	Ｘ	✓	Ｘ	✓	Ｘ	✓

LEGEND

eIV: External IV
LP: Length Preservation
PP: Position Preservation
P: User group can protect data
U: User group can unprotect data