A birthday is the anniversary of the birth of a person which is celebrated in numerous cultures, often with birthday gifts, birthday cards, a birthday party, or a rite of passage.
There is a distinction between birthday and birth date: The former, other than February 29, occurs each year (e.g. January 20), while the latter is the exact date a person was born (e.g., January 20, 2001).
Why need to mask DOB?
Scammers, fraudsters, and identity thieves can wreak havoc with just your name, date of birth (DOB), and address.Fraudsters need just these three key bits of information to steal your identity and access your accounts, take out loans, credit cards, mobile phones in your name. These can be found on social media profiles, such as Facebook. And if your settings are not private or masked, this is available for anyone to see.
That’s what generally organizations while asking for date of birth masked years part or complete date so that not share by anyone except person working on web page.
There are different pattern to write date but here we mainly focus on most common used pattern (MM/dd/yyyy). According to your need you can modify example with respect to date pattern.
Here considering, date represent as MM/dd/yyyy. By masking will hide all digits except slaces. For example, Date is 06231987 than after formatting and mask will display as XX/XX/1987.
HTML Changes
Create a text box on your page with below html. Refer attachment
Java Script/JQuery Changes
Copy below java script in your head section of page.
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask DOB
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Sensitive Personal Identifying Information (PII)/ Personal Confidential Information is defined as information that if lost, compromised, or disclosed could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual.
This information can be used by scammers, Fraudsters and criminals to conducts identity theft, blackmailing, stalking or other crimes against an individuals. That’s what as per Federal State laws when asked individuals personal information online or print on logs that should be masked so that not misuse by fraud persons. If an organization is not hiding it that’s privacy violation of personal information of users or customer.
Below are most common personal sensitive and confidential information’s of an individual. Some of standalone information is sufficient and some required other information by fraud persons to make identity theft, criminal activities and financial loss also.
Here is in-depth knowledge of each sensitive information and how it can impact to individuals. You can follow the link to get script for masking of each sensitive information.
Bank Account Number
Bank account number is unique number with in organization to track a particular personal detail. Most of the banks have unique account numbers, varies from 9 digits to 18 digits. Most of the banks (67 out of 78) have included branch code as part of the account number structure.
In USA, combination of account number and routing number together is very sensitive if a person know about both account number and routing number can transfer someone’s complete checking account/ direct deposit account money.
The Routing number is a nine digit code that’s based on US. Bank location where your account was opened. People often used routing number when making payment online or by phone.
The routing number is sensitive information, In USA if you know checking account number and routing number of some one you can make online payment/ withdraw from direct deposit account . Organization must make account number and routing number as mask on payment page so that nobody take snapshot and see these detail for fraud.
Credit card number is one of sensitive information. If credit card number stolen by some one then do lots of fraud like purchasing online, create clone of your card or sell it to someone else to make transactions online.
There are lots of way to theft credit card information by hackers and fraudsters but for organization level to stop privacy violation when asked user to make payment online and enter card information that should be mask.
The CVV/CVC code (Card Verification Value/Code) is located on the back of your credit/debit card on the right side of the white signature strip. It is always the last 3 digits in case of VISA and MasterCard but for American Express Card having four digits and front of card.
Nowadays, It is possible to easily get card details of someone else. For example CCTV cameras are in operation in almost every shop and follow you while paying. Not only because of this fact the CVV/CVC verification code is located on the back of your payment card and represents the basic security feature. Therefore CVV/CVC code is required for all online payments where the card is not present and the PIN code cannot be entered.
Aadhaar is a verifiable 12-digit identification number issued by UIDAI (“Authority”) to the resident of India for free of cost after satisfying the verification process laid down by the Authority. Any individual, irrespective of age and gender, who is a resident of India, may voluntarily enroll to obtain Aadhaar number based on demographic and bio-metric information.
Aadhar number is very sensitive information by which we can track an individual complete information. Generally bank asked for aadhar number while authenticate a person. Complete Source Code : How to mask Aadhar Card Number on web page
Passport
The passport serves as proof of your identity and your nationality which itself can be advantageous depending on your destination. As such, you should prioritize its security above all else when you travel overseas.
Consequences of Passport Number Identity Theft
Under no circumstances should you disclose any sensitive information regarding yourself, passport number included. It may just be a jumble of digits but it’s a very valuable commodity for criminals if they even get their hands on it. There are lots of consequences of passport identity theft as below:
A criminal could easily manufacture a passport with passport number, full legal name , date of birth and another person’s picture on it. This may not get them into the US (easily) but it could conceivable get them to a country nearby and then from there they could travel to the US or travel on others countries.
Criminal all over the world can use others stolen passport to commit a crime or do anything on others name.
The passport is use as an identity official documents if you don’t have driving license. Think about if someone using fraud passport and make some accident on road.
The fraud passport with your personal information full legal name, date of birth (available in facebook) , another person picture and address used to impersonate you. This fraud passport can be used as identity proof to open and access your credit / debit cards, social security, email, medical records, your character, your tax records.
A lot of passports have a chip too, which stores all your personal data.
In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary working (Some Visa holders) to track individuals for social security purposes and also used as national identification number by financial institutions to authenticate a person to setup bank accounts, credit cards , loans and tax filing.
ITIN (Individual Taxpayer Identification Number) numbers are issued by the IRS (Internal Revenue Service) to individuals who do not have, and are not eligible to obtain, a valid U.S. Social Security Number, but who are required by law to file a U.S. Individual Income Tax Return.
ITIN is a nine digit number and always begins with the number 9 and has a 7 or 8 in the fourth digit, such as 9XX-7X-XXXX. 4th and 5th digits, also known as second section (xxx-xx-xxxx), range from 70 to 88, 90 to 92 and 94 to 99.
Scammers, fraudsters, and identity thieves can wreak havoc with just your name, date of birth (DOB), and address. Fraudsters need just these three key bits of information to steal your identity and access your accounts, take out loans, credit cards, mobile phones in your name. These can be found on social media profiles, such as Facebook. And if your settings are not private or masked, this is available for anyone to see.
That’s what generally organizations while asking for date of birth masked years part or complete date so that not share by anyone except person working on web page.
A lot of information that you share freely, such as your date of birth, phone number, ZIP code and email address, are very valuable to criminals. Think of how many accounts require you to verify your identity by entering in your birthday or your ZIP code before making a transaction.
Alone, your ZIP code might not be of much value all by itself, but criminals will take that information and post it on underground sites where they buy, sell and trade bunches of personal information. From those sites, criminals can purchase enough of your personal information to use it for fraud. Complete Source Code :How to mask Pincode/Zipcode /Postal Code on web page
IP (Internet Protocol)
The reason to hide your IP address is simply for more privacy and to prevent misuse of your personal information. Whenever you access a website, the server you connect to logs your IP address and attaches it to all the other data the site can learn about you: your browsing habits, what you click on, how long you spend looking at a particular page. They then sell this data to advertising companies who use it to tailor ads straight to you. This is why ads on the internet sometimes feel oddly personal: it’s because they are. Your IP address can also be used to track your location, even when your location services are turned off.
In United states, Driving License is second social security identity after SSN. It should be hide and not shared with any one because having access to that one number can provide an identity thief with several pieces of information they want to know about you.
With Driving License card, someone knows your birth date, address, and even your height, eye color, and signature.
If someone gets your driver’s license number, it is also big concern because it’s connected to your vehicle registration and insurance policies, as well as records on file with the Department of Motor Vehicles, place of employment (that keep a copy of your driver’s license on file), doctor’s office, government agencies, and other entities.
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.
IP addresses are usually written and displayed in human-readable notations, such as 178.17.253.12 .
The reason to hide your IP address is simply for more privacy and to prevent misuse of your personal information. Whenever you access a website, the server you connect to logs your IP address and attaches it to all the other data the site can learn about you: your browsing habits, what you click on, how long you spend looking at a particular page. They then sell this data to advertising companies who use it to tailor ads straight to you. This is why ads on the internet sometimes feel oddly personal: it’s because they are. Your IP address can also be used to track your location, even when your location services are turned off.
Here considering, IP address is represent as above. By masking will hide all digits except dot (.) . For example, IP address is 178.17.253.12 than after mask will display as XXX.XX.XXX.XX .
HTML Changes
Create a text box on your page as in attachment of download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
var originalVal;
$(document).ready(function()
{
if($('#txtIP').val().length>0)
{
if($('#txtIP').val().indexOf("X")==-1)
{
originalVal=$('#txtIP').val();
}
maskIP(this);
}
$('#txtIP').blur( function(e)
{
if($('#txtIP').val().indexOf("X")==-1)
{
originalVal=$('#txtIP').val();
}
maskIP(this);
});
$('#txtIP').focus( function(e)
{
$(this).val(originalVal);
});
});
function maskIP(regularIP)
{
var varlen =$(regularIP).val().length;
//to check only allow char as . and numbers
if($(regularIP).val().match(/[^.\d]/))
{
$("#error").text('Not Valid IP.');
}
else
{
$("#error").text('');
var str = $(regularIP).val();
//Replace all digits with X except .
var mask = $(regularIP).val().replace(/\d/gi, 'X');
$(regularIP).val(mask);
}
}
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask IP
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
The CVV/CVC code (Card Verification Value/Code) is located on the back of your credit/debit card on the right side of the white signature strip. It is always the last 3 digits in case of VISA and MasterCard but for American Express Card having four digits and front of card.
Nowadays, It is possible to easily get card details of someone else. For example CCTV cameras are in operation in almost every shop and follow you while paying. Not only because of this fact the CVV/CVC verification code is located on the back of your payment card and represents the basic security feature. Therefore CVV/CVC code is required for all online payments where the card is not present and the PIN code cannot be entered.
Card Security Code Names
This card security code also called by different names as below:
CID (Card Id or Card Identification Number or Card Identification Code): Discover, American Express (four digits on front of card)
CSC (Card Security Code) : debit cards, American Express (three digits on back of card).
CVC2 (Card Validation Code): MasterCard
CVD (Card Verification Data): Discover, sometimes used as the common initialism for this kind of code
Here considering, CVV of length 3 digits. By masking will hide all 3 digits. For example, my account number is 123 than after mask will display as XXX. CVV for some card can also be as four digit take this as assignment and make code changes accordingly so that support for both three and four digits.
HTML Changes
Create a text box on your page as in attachment in download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
var originalVal;
$(document).ready(function()
{
if($('#txtCVV').val().length>0)
{
if($('#txtCVV').val().indexOf("X")==-1)
{
originalVal=$('#txtCVV').val();
}
maskCVV(this);
}
$('#txtCVV').blur( function(e)
{
if($('#txtCVV').val().indexOf("X")==-1)
{
originalVal=$('#txtCVV').val();
}
maskCVV(this);
});
$('#txtCVV').focus( function(e)
{
$(this).val(originalVal);
});
});
function maskCVV(regularCVV)
{
var varlen =$(regularCVV).val().length;
if(varlen > 8)
{
$("#error").text('Not Valid CVV.');
}
else
{
$("#error").text('');
var str = $(regularCVV).val();
//Replace all characters with X
var mask = $(regularCVV).val().replace(/./gi, 'X');
$(regularCVV).val(mask);
}
}
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask CVV
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
ITIN (Individual Taxpayer Identification Number) numbers are issued by the IRS (Internal Revenue Service) to individuals who do not have, and are not eligible to obtain, a valid U.S. Social Security Number, but who are required by law to file a U.S. Individual Income Tax Return. ITIN is a nine digit number and always begins with the number 9 and has a 7 or 8 in the fourth digit, such as 9XX-7X-XXXX.4th and 5th digits, also known as second section (xxx-xx-xxxx), range from 70 to 88, 90 to 92 and 94 to 99.
ITIN identity theft occurs when someone uses a stolen SSN and ITINSocial Security number to file a tax return to claim a fraudulent refund. A taxpayer’s SSN can be stolen through a data breach, a computer hack or a lost wallet. Although identity theft affects a small percentage of tax returns, it can have a major impact on victims by delaying their refunds.
Consequences of ITIN Theft
More than one tax return was filed for you.
You owe additional tax, have a refund offset or have had collection actions taken against you for a year you did not file a tax return.
IRS records indicate you received more wages than you actually earned.
Your state or federal benefits were reduced or cancelled because the agency received information reporting an income change.
Tips to protect you from becoming a victim of identity theft
Don’t carry your Social Security card or any documents that include your Social Security number (SSN) or Individual Taxpayer Identification Number (ITIN).
Don’t give a business your SSN or ITIN just because they ask. Give it only when required
Protect your financial information.
Check your credit report every 12 months.
Review your Social Security Administration earnings statement annually.
Secure personal information in your home.
Protect your personal computers by using firewalls and anti-spam/virus software, updating security patches and changing passwords for Internet accounts.
Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact or you are sure you know who you are dealing with.
Here, you will know about mask ITIN on web page so that can’t see by fraud person there other cases also where sensitive information need to mask by organization for come over from privacy violation.
Here considering, ITIN of length 9 digits. By masking will hide initial 5 digits and show only last 4 digits. For example, ITIN is 123456789 than after mask will display as XXX-XX-6789.
HTML Changes
Create a text box on your page as in attachment in download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organizations having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask ITIN
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary working (Some Visa holders) to track individuals for social security purposes and also used as national identification number by financial institutions to authenticate a person to setup bank accounts, credit cards , loans and tax filing.
The SSN is frequently used by those involved in identity theft, because people asking for treat it as an authentication. If some one know about SSN, current address , zip code etc. generally fraud person can retrieve other detail from financial institutions to make financial losses.
Tips to protect you from becoming a victim of identity theft
Don’t carry your Social Security card or any documents that include your Social Security number (SSN) or Individual Taxpayer Identification Number (ITIN).
Don’t give a business your SSN or ITIN just because they ask. Give it only when required
Protect your financial information.
Check your credit report every 12 months.
Review your Social Security Administration earnings statement annually.
Secure personal information in your home.
Protect your personal computers by using firewalls and anti-spam/virus software, updating security patches and changing passwords for Internet accounts.
Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact or you are sure you know who you are dealing with.
Here, you will know about mask SSN on web page so that can’t see by fraud person there other cases also where sensitive information need to mask by organization for come over from privacy violation.
Here considering, SSN of length 9 digits. By masking will hide initial 5 digits and show only last 4 digits. For example, SSN is 123456789 than after mask will display as XXX-XX-6789.
HTML Changes
Create a text box on your page as in attachment in download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organizations having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask SSN
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
The Routing number is a nine digit code that’s based on U.S Bank location where your account was opened. People often used routing number when making payment online or by phone.
The routing number is sensitive information, In USA if you know checking account number and routing number of some one you can make online payment. Organization must make account number and routing number as mask on payment page so that nobody take snapshot and see these detail for fraud.
Here routing number of length 9 digits. By masking will hide all digits. For example, my routing number is 123456789 than after mask will display as XXXXXXXXX.
HTML Changes
Create a text box on your page with html as attached in download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
var originalVal;
$(document).ready(function()
{
if($('#txtRN').val().length>0)
{
if($('#txtRN').val().indexOf("X")==-1)
{
originalVal=$('#txtRN').val();
}
maskRN(this);
}
$('#txtRN').blur( function(e)
{
if($('#txtRN').val().indexOf("X")==-1)
{
originalVal=$('#txtRN').val();
}
maskRN(this);
});
$('#txtRN').focus( function(e)
{
$(this).val(originalVal);
});
});
function maskRN(regularRN)
{
var varlen =$(regularRN).val().length;
if(varlen > 9)
{
$("#error").text('Not Valid Routing Number.');
}
else
{
$("#error").text('');
//Replace all characters with X
var mask = $(regularRN).val().replace(/./gi, 'X');
$(regularRN).val(mask);
}
}
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary accounding to oraganizations. If your oraganization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask Routing Number
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Credit card number is one of sensitive information. If credit card number stolen by some one then do lots of fraud like purchasing online, create clone of your card or sell it to someone else to make transactions online.
There are lots of way to theft credit card information for hackers and fraud persons but for organization level to stop privacy violation when asked user to make payment online and enter card information that should be masked.
Note: This example is for credit card number for debit card you can change code as per your organization need.
Here considering, account number of length 16 digits. By masking will hide digits from 7th to 12th and show rest of digits. For example, my account number is 1234567890123456 than after mask will display as 1234 56XX XXXX 3456
HTML Changes
Create a text box on your page with below html as in attachment of download section.
Java Script/JQuery Changes
Copy below java script in your head section of page.
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary accounding to oraganizations. If your oraganization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask Credit Card
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Bank account number is unique number with in organization to track a particular personal detail that’s sensitive information and should be masked so that unauthorized persons will not misuse it.
Most of the banks have unique account numbers, varies from 9 digits to 18 digits. Most of the banks (67 out of 78) have included branch code as part of the account number structure.
For branch code, In India use different terms as IFSC code and in USA use as routing number.
In USA, combination of account number and routing number together is very sensitive if a person know about both account number and routing number can transfer someone’s complete checking account money.
Here considering, account number of length 10 digits. By masking will hide initial 6 digits and show only last 4 digits. For example, my account number is 1234567890 than after mask will display as XXXXXX7890.
HTML Changes
Refer attachment in download section for HTML.
Java Script/JQuery Changes
Copy below java script in your head section of page.
Note : This masking example is created considering standard length of text size and formatting of text field, that can vary according to organizations. If your organization having different format and text size modify source code according to your need. If you are facing any issue drop a comments will try to connect as soon as possible.
Download Source code
To download the source code of this example, click on below given download link. Mask Bank Account Number
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
In United States, Driving License is second social security identity after SSN. It should be hide and not shared with any one because having access to that one number can provide an identity theft with several pieces of information they want to know about you.
Driving license numbers are alphanumeric values while the number of characters in driving license varies as per state.
With Driving License card, someone knows your birthdate, address, and even your height, eye color, and signature.
If someone gets your driver’s license number, it is also big concern because it’s connected to your vehicle registration and insurance policies, as well as records on file with the Department of Motor Vehicles, place of employment (that keep a copy of your driver’s license on file), doctor’s office, government agencies, and other entities.
Driving License Masking Example: Here considering, driving license number of length 10 alphanumeric. By masking will hide initial 6 and characters show only last 4 characters. For example, my driving license number is ABC4567890 than after mask will display as XXXXXX7890.
HTML Changes
For HTML refer attachment in download.
Java Script/JQuery Changes
Copy below java script in your head section of page.
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
You can configure Log4j2 LogEventConverter plugin for masking personal/ confidential/ SPI data. For example here we are masking credit card number, SSN and CVV of log statements.
Below Log4j2 dependencies you need to add with your application.
Below is basic console based configuration for masking where packages used for where loggers need to apply and masking plugin annotation as in below program. In PatternLayout used key as spi which is map with plugin which will mask log text and print as message.
Created this LogMakingConverter Plug in for masking logs statement Here masking for Credit card number, CVV and SSN . You can also implement for password and rest depend on your application needs. Here we have used Java regular expression Mater and Pattern apis for maskin and also different character as +++ for CVV,********* for SSN and **************** for credit card by matching number of digits in log lines.
package com.mask.logs;
/**
* Created this LogMakingConverter Plug in for masking logs statement
* Here masking for Credit card number, CVV and SSN .
* You can also implement for password and rest depend on your application needs.
*/
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.config.plugins.Plugin;
import org.apache.logging.log4j.core.pattern.ConverterKeys;
import org.apache.logging.log4j.core.pattern.LogEventPatternConverter;
@Plugin(name="LogMaskingConverter", category = "Converter")
@ConverterKeys({"spi","trscId"})
public class LogMaskingConverter extends LogEventPatternConverter{
private static final String CREDIT_CARD_REGEX = "([0-9]{16})";;
private static final Pattern CREDIT_CARD_PATTERN = Pattern.compile(CREDIT_CARD_REGEX);
private static final String CAREDIT_CARD_REPLACEMENT_REGEX = "XXXXXXXXXXXXXXXX";
private static final String CVV_REGEX = "([0-9]{3})";
private static final Pattern CVV_PATTERN = Pattern.compile(CVV_REGEX);
private static final String CVV_REPLACEMENT_REGEX = "+++";
private static final String SSN_REGEX = "([0-9]{9})";
private static final Pattern SSN_PATTERN = Pattern.compile(SSN_REGEX);
private static final String SSN_REPLACEMENT_REGEX = "*********";
protected LogMaskingConverter(String name, String style) {
super(name, style);
}
public static LogMaskingConverter newInstance(String[] options) {
return new LogMaskingConverter("spi",Thread.currentThread().getName());
}
@Override
public void format(LogEvent event, StringBuilder outputMessage) {
String message = event.getMessage().getFormattedMessage();
String maskedMessage = message;
try {
maskedMessage = mask(message);
} catch (Exception e) {
System.out.println("Failed While Masking");
maskedMessage = message;
}
outputMessage.append(maskedMessage);
}
private String mask(String message) {
Matcher matcher =null;
StringBuffer buffer = new StringBuffer();
matcher = CREDIT_CARD_PATTERN.matcher(message);
maskMatcher(matcher, buffer,CAREDIT_CARD_REPLACEMENT_REGEX);
message=buffer.toString();
buffer.setLength(0);
matcher = SSN_PATTERN.matcher(message);
maskMatcher(matcher, buffer,SSN_REPLACEMENT_REGEX);
message=buffer.toString();
buffer.setLength(0);
matcher = CVV_PATTERN.matcher(message);
maskMatcher(matcher, buffer,CVV_REPLACEMENT_REGEX);
return buffer.toString();
}
private StringBuffer maskMatcher(Matcher matcher, StringBuffer buffer, String maskStr)
{
while (matcher.find()) {
matcher.appendReplacement(buffer,maskStr);
}
matcher.appendTail(buffer);
return buffer;
}
}
Masking Test Program
Below is test program to print some log statements which are converting by Log4j2.
package com.mask.logs;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
public class MaskingTest {
private static final Logger logger = LogManager.getLogger(MaskingTest.class);
public static void myTest(){
logger.info("this is my info message");
logger.debug("This is debug message");
logger.debug("Passed to server::0084USER:17603,IP:0:0:0:0:0:0:0:1,3425,Credit Card 1:1000002367844224,3425,Credit Card2:1000002367844224 , CVV:234,SSN:123456789");
}
public static void main(String[] args) {
myTest();
}
}
Output
Below is mask logs by log4j2 for confidential/personal/spi data.
20180607 11:20:43.558 [main] INFO com.mask.logs.MaskingTest - this is my info message
20180607 11:20:43.559 [main] DEBUG com.mask.logs.MaskingTest - This is debug message
20180607 11:20:43.560 [main] DEBUG com.mask.logs.MaskingTest - Passed to server::+++4USER:+++03,IP:0:0:0:0:0:0:0:1,+++5,Credit Card 1:XXXXXXXXXXXXXXXX,+++5,Credit Card2:XXXXXXXXXXXXXXXX , CVV:+++,SSN:
*********
Summary
Step by step program for masking sensitive information in logs.
Log4j2 XML Configuration for loggers and appenders for masking.
LogMaskingConverter Log4j2 plugin for masking log statements.
Regular expression for Creditcard, SSN and CVV.
Test program to write logs by java logging api to write in logs file.
See More
Below are some more masking ways for different type of data like XML, JSON and printing objects before logging , sending to page or transferring over network.
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Here you will see all steps to mask confidential/ information in XML like credit card, CVV, Exp date, SSN, password etc. So that it will print in mask form as ****** so that unauthorize use will not misuse of others information.
Java code to mask above XML. In below code cardNumber is masking partially so that show last four digits only and hide rest of numbers while cvv and exp date digits are masked completely.
package com.mask.xml;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.nodes.Element;
import org.jsoup.parser.Parser;
import org.jsoup.select.Elements;
public class MaskXML {
public static void main(String[] args) {
try {
FileInputStream inputStream = new FileInputStream(
new File("D:\\Saurabh Gupta\\Workspace\\JavaTestExamples\\src\\main\\resources\\UserAccountDetail.xml"));
Document doc = Jsoup.parse(inputStream, "UTF-8", "", Parser.xmlParser());
Elements toMaskTagCompletely = doc.select("Pincode,ExpDate,CVV");
Elements toMaskTagPartially = doc.select("CardNumber");
for (Element element : toMaskTagCompletely) {
element.text(replaceDigits(element.text()));
}
for (Element element : toMaskTagPartially) {
element.text("XXXXXXXXXXXX" + element.text().substring(element.text().length() - 4));
}
System.out.println(doc.toString());
} catch (FileNotFoundException ex) {
ex.printStackTrace();
} catch (IOException ex) {
ex.printStackTrace();
}
}
private static String replaceDigits(String text) {
StringBuffer buffer = new StringBuffer(text.length());
Pattern pattern = Pattern.compile("\\d");
Matcher matcher = pattern.matcher(text);
while (matcher.find()) {
matcher.appendReplacement(buffer, "X");
}
return buffer.toString();
}
}
Result : Masked XML
<?xml version="1.0" encoding="UTF-8"?>
<AccountList>
<Account>
<id>
E001
</id>
<FirstName>
Saurabh
</FirstName>
<LastName>
Gupta
</LastName>
<AddressDetail>
<AddressLine1>
Noida City Center
</AddressLine1>
<City>
Noida
</City>
<State>
UP
</State>
<Pincode>
XXXXXX
</Pincode>
<Contry>
India
</Contry>
</AddressDetail>
<CreditCardDetail>
<CardNumber>
XXXXXXXXXXXX6567
</CardNumber>
<CVV>
XXX
</CVV>
<ExpDate>
XX/XX
</ExpDate>
</CreditCardDetail>
</Account>
<Account>
<id>
E002
</id>
<FirstName>
Ankur
</FirstName>
<LastName>
Mehrotra
</LastName>
<AddressDetail>
<AddressLine1>
New Delhi Metro Station
</AddressLine1>
<City>
New Delhi
</City>
<State>
UP
</State>
<Pincode>
XXXXXX
</Pincode>
<Contry>
India
</Contry>
</AddressDetail>
<CreditCardDetail>
<CardNumber>
XXXXXXXXXXXX3456
</CardNumber>
<CVV>
XXX
</CVV>
<ExpDate>
XX/XX
</ExpDate>
</CreditCardDetail>
</Account>
<Account>
<id>
E003
</id>
<FirstName>
Shailesh
</FirstName>
<LastName>
Nagar
</LastName>
<AddressDetail>
<AddressLine1>
Dwarka Metro Station
</AddressLine1>
<City>
Delhi
</City>
<State>
Delhi
</State>
<Pincode>
XXXXXX
</Pincode>
<Contry>
India
</Contry>
</AddressDetail>
<CreditCardDetail>
<CardNumber>
XXXXXXXXXXXX5678
</CardNumber>
<CVV>
XXX
</CVV>
<ExpDate>
XX/XX
</ExpDate>
</CreditCardDetail>
</Account>
</AccountList>
Summary
Example for mask XML.
Shared API and source code for masking XML in less code.
Shared code for Mask complete and partial text data for credit card, SSN, CVV etc.
See Also
Below are some more masking ways for different type of data like XML, JSON and printing objects before logging , sending to page or transferring over network.
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Here you will see all steps to mask confidential/ information like credit card, CVV, Exp date, SSN, password etc. So that it will print in mask form as ****** so that unauthorize use will not misuse of others information.
Here using Google GSON and GsonBuilder converting Java object to JSON and again converting JSON to Java Object.
By using Java refelection api’s replacing SPI fields data with *******.
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
Here you will see all steps to mask confidential/ information like credit card, CVV, Exp date, SSN, password etc. So that it will print in mask form as ****** so that unauthorize use will not misuse of others information.
Main concept to mask an Java for personal information by using reflection API and string override method by extending mask class.
Below are steps to masking Java Object :
Extends classes with MaskData class.
Override toString() method of object class and implement in MaskData Class.
Use JAVA reflection apis to get all fields objects and change SPI fields with *****.
Use replace digits methods method to replace digits with *.
Below are classes AccountDetail, Address and CreditCard where only confidential information need to mask for Credit Card.
package com.mask.object;
import com.model.AccountDetail;
import com.model.AddressDetail;
import com.model.CreditCardDetail;
public class MaskJavaObject {
public static void main(String[] args) {
AddressDetail addressDetail = new AddressDetail("Noida City Center", "Noida", "UP", "India", "20310");
CreditCardDetail creditCardDetail = new CreditCardDetail("1234567890123456", "123", "12/90");
AccountDetail accountDetail = new AccountDetail("Saurabh", "Gupta", addressDetail, creditCardDetail);
System.out.println(accountDetail);
}
}
Console Output
com.model.AccountDetail[
firstName=Saurabh
lastName=Gupta
address=com.model.AddressDetail[
addressLine1=Noida City Center
city=Noida
state=UP
pincode=India
country=20310
]
creditCardDetail=com.model.CreditCardDetail[
cardNumber=XXXXXXXXXXXXXXXX
cvv=XXX
expDate=XX/XX
]
]
Related Posts
Your Feedback Motivate Us
If our FacingIssuesOnIT Experts solutions guide you to resolve your issues and improve your knowledge. Please share your comments, like and subscribe to get notifications for our posts.
You must be logged in to post a comment.