Setting up Privacy Filters
You can set up privacy filters to protect personal information that is not credit card data. You can also use these filters together with the Information Privacy redaction to enhance protection of credit card data.
When to Use Privacy Filters
Privacy filters are useful when you need to meet one or more of the following requirements:
You have certain patterns of data outside the realm of credit card formats that you would like to redact. For instance, you may need to redact US Social Security numbers, proprietary sensitive account numbers, motor vehicle registration or license identifiers, and the like.
You need to specify credit card patterns that fall outside the range of 13-16 digit lengths. (You could use this approach along with any of the PAN detection methods.)
You need to specify 13-16 digit custom formats when using a PAN detection method other than "Reflection PAN Detection."
If used in conjunction with the simple detection method based on preceding text, privacy filters do not honor the preceding text requirement.
When privacy filters detect a match, ALL of the non-whitespace characters are redacted. This differs slightly from PAN redaction, where only certain portions of the PAN are redacted according to the configuration setting Portion of PAN to redact.
Privacy filters are flexible and are easy to set up: The patterns can be any combination of alphanumeric "placeholders", wildcard specifiers (meaning they match anything) or literal text and can be set up for any length of text. The patterns also follow a simpler syntax than regular expressions without the potentially confusing syntax and rules. The filter format should be familiar to Extra! X-Treme customers, and is supported in Reflection 2007 and later.
Privacy Filters and PAN detection work together to keep sensitive information private. Privacy filters are applied after PAN detection, so keep in mind that portions of the host screen data may already be redacted by the time privacy filters are applied. This can prevent a configured filter from fully redacting data that would have "matched" had PAN redaction not been active.
To improve performance, do not duplicate existing PAN patterns in privacy filters.
How to set up Privacy Filters
Use the Information Privacy dialog box to set up privacy filters.
To set up Information Privacy Filters
From the Reflection File menu or the Reflection button (if using the Office 2007 Look and Feel), select Reflection Workspace Settings.
Under Trust Center, click Set Up Information Privacy.
In the Information Privacy dialog box, specify the Privacy Filters Redaction Rules and Privacy Filters you want to use.
To "lock down" these settings, see Control Access to Lock Down Settings and Controls.
To package this file for deployment, see Package Configuration Files.
Privacy filter settings are saved in the
PrivacyFilters.xmlfile. All other Information for Privacy settings is saved in the
PCIDSS.settingsfile. You can deploy these files to one of the following locations:
Location for a single user:
[AppDataFolder]is the full path of the Roaming folder for the current user. The default is
Location for all users:
[CommonAppDataFolder]is the full path to application data for all users. The default is