Feature Snapshot
Summary:
Flagging Sensitive Data is a mechanism implemented in TrustedForm Certify to protect sensitive consumer information by marking specific form fields or content elements so that their raw values are not stored—instead, a cryptographic hash is recorded, ensuring that personally identifiable information (PII) in completely inacessible.
Key Benefits:
- Prevents sensitive PII such as credit card numbers, SSNs, and bank account details from being recorded
- Helps ensure compliance with legal requirements and the TrustedForm EULA
- Retains a usable certificate for auditing and legal defense without exposing raw sensitive data
Typical Use Cases:
- Online forms capturing sensitive information (e.g., credit card, SSN inputs)
- Lead generation pages that require secure handling of consumer data
- Form that capture information unrelated to the offer(s) for which a lead is being generated
How the Flagging Sensitive Data works
TrustedForm Certify by default captures all data submitted on a web form. To protect sensitive information, you can mark individual form fields or larger content areas with a dedicated HTML attribute (data-tf-sensitive=“true”). When applied, TrustedForm Certify processes the marked data using a cryptographic hash function, so that instead of storing the raw sensitive data, it stores a secure, irreversible hash. Additionally, if you wish to treat all fields as sensitive by default, you can enable the invert field sensitivity setting via the TrustedForm Certify Web SDK and then manually mark only non‑sensitive fields with data-tf-sensitive=“false”.
Step‑by‑Step Instructions
-
Identify Sensitive Data Fields and Content:
Review your web form to pinpoint all the input fields and content sections that capture or display sensitive data such as social security numbers, bank account numbers, or credit card details. -
Flag Individual Fields as Sensitive:
In your HTML, add the attribute data-tf-sensitive=“true” to each input element that contains sensitive user data.
Example:
<input type="text" name="ssn" data-tf-sensitive="true" /> -
Flag Content Elements as Sensitive:
For larger content areas (such as a div wrapping several inputs or displaying sensitive information), add the same attribute to the container element.
Example:<div data-tf-sensitive="true"> <!-- Sensitive content goes here---> </div> -
(Optional) Enable Invert Field Sensitivity:
If you prefer to treat every form field as sensitive by default, enable the invertFieldSensitivity setting in the TrustedForm Certify Web SDK. Then explicitly mark non‑sensitive fields with data-tf-sensitive=“false”.
Example:
<input type="text" name="phone" data-tf-sensitive="false" />
Expected Result:
When a user submits the form, any fields flagged as sensitive will not display their raw values in the TrustedForm certificate or session replay. Instead, these fields are replaced with a hashed or masked output, ensuring that sensitive data remains protected.
Validation & Monitoring (optional)
- Test the Setup: Submit a test lead using your updated form and verify in the TrustedForm session replay that sensitive fields are redacted, showing placeholders or asterisks rather than raw text.
Best Practices
- Only flag fields and content that truly collect sensitive information to avoid losing valuable non‑sensitive data.
- For composite form elements (e.g., a checkbox with associated label), consider flagging the entire container to ensure complete protection.
- When utilizing invert field sensitivity, double-check that fields intended to be captured as non‑sensitive are explicitly marked with data-tf-sensitive=“false”.
Troubleshooting
| Symptom / Error | Likely Cause | Resolution |
|---|---|---|
| Sensitive data appears unmasked in session replay | The field or content element was not flagged with data‑tf‑sensitive=“true” | Review your HTML code to ensure the attribute is correctly added to each sensitive field or container element. |
Frequently Asked Questions (FAQ)
Q: What does flagging sensitive data do?
A: Flagging sensitive data marks specific form fields or content elements so that TrustedForm Certify applies a cryptographic hash instead of storing plain text, thereby making the data inacessible.
Q: How do I flag a field as sensitive?
A: Simply add the attribute data-tf-sensitive=“true” to the HTML tag of the input or content element that collects sensitive data.
Q: Can non‑input elements be flagged as sensitive?
A: Yes. You can add the same attribute to container elements like div, img, or p tags so that all nested content is either obscured or removed in the session replay.
Q: What does invert field sensitivity mean?
A: Invert field sensitivity is an option in the TrustedForm Certify Web SDK that treats all form fields as sensitive by default (thus hashing them) unless explicitly marked as non‑sensitive using data-tf-sensitive=“false”.
Q: Why should I flag sensitive data?
A: Flagging sensitive data helps practice data minimization priciples and can prevent sensitive information from being exposed unnecessarily.
Glossary
| Term | Definition |
|---|---|
| Sensitive Data | Personal or confidential information (e.g., credit card numbers, SSNs) requiring extra security. |
| Flagging | The process of marking fields or content elements with a specific data attribute (data‑tf‑sensitive) to trigger data masking or hashing. |
| Cryptographic Hash | A mathematical function that converts data into an irreversible, fixed-length string to protect original content. |
| Invert Field Sensitivity | A configuration option that treats all form fields as sensitive by default unless they are explicitly marked as non‑sensitive. |
Comments
0 comments
Please sign in to leave a comment.