Sensitive Personal Identifying Information (PII)/ Personal Confidential Information is defined as information that if lost, compromised, or disclosed could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual.
This information can be used by scammers, Fraudsters and criminals to conducts identity theft, blackmailing, stalking or other crimes against an individuals. That’s what as per Federal State laws when asked individuals personal information online or print on logs that should be masked so that not misuse by fraud persons. If an organization is not hiding it that’s privacy violation of personal information of users or customer.
See Also :
- Log4j2: How to Mask Logs Personal/Confidential/SPI Information
- How to Mask JSON Confidential/Personal Information in logs :JAVA
- How to mask JAVA Object confidential/personal information in logs while Printing
- How to MASK XML Confidential/Personal Data : JAVA
Below are most common personal sensitive and confidential information’s of an individual. Some of standalone information is sufficient and some required other information by fraud persons to make identity theft, criminal activities and financial loss also.
- Bank Account Number
- Routing Number
- Credit/Debit Card Number
- Aadhar Number
- SSN (Social Security Number)
- DOB (Date of Birth)
- Zip code/ Pin code / Postal code
- Driving License Number
- Health Related Information
- Medical Insurance Card etc.
Here is in-depth knowledge of each sensitive information and how it can impact to individuals. You can follow the link to get script for masking of each sensitive information.
Bank Account Number
Bank account number is unique number with in organization to track a particular personal detail. Most of the banks have unique account numbers, varies from 9 digits to 18 digits. Most of the banks (67 out of 78) have included branch code as part of the account number structure.
In USA, combination of account number and routing number together is very sensitive if a person know about both account number and routing number can transfer someone’s complete checking account/ direct deposit account money.
Complete Source Code : How to mask Bank Account Number on Web page
The Routing number is a nine digit code that’s based on US. Bank location where your account was opened. People often used routing number when making payment online or by phone.
The routing number is sensitive information, In USA if you know checking account number and routing number of some one you can make online payment/ withdraw from direct deposit account . Organization must make account number and routing number as mask on payment page so that nobody take snapshot and see these detail for fraud.
Complete Source Code :How to mask Routing Number on page
Credit/Debit Card Number
Credit card number is one of sensitive information. If credit card number stolen by some one then do lots of fraud like purchasing online, create clone of your card or sell it to someone else to make transactions online.
There are lots of way to theft credit card information by hackers and fraudsters but for organization level to stop privacy violation when asked user to make payment online and enter card information that should be mask.
Complete Source Code :How to mask Credit/Debit Card Number on web page
The CVV/CVC code (Card Verification Value/Code) is located on the back of your credit/debit card on the right side of the white signature strip. It is always the last 3 digits in case of VISA and MasterCard but for American Express Card having four digits and front of card.
Nowadays, It is possible to easily get card details of someone else. For example CCTV cameras are in operation in almost every shop and follow you while paying. Not only because of this fact the CVV/CVC verification code is located on the back of your payment card and represents the basic security feature. Therefore CVV/CVC code is required for all online payments where the card is not present and the PIN code cannot be entered.
Complete Source Code :How to mask CVV/CVC on web page
Aadhar Card Number
Aadhaar is a verifiable 12-digit identification number issued by UIDAI (“Authority”) to the resident of India for free of cost after satisfying the verification process laid down by the Authority. Any individual, irrespective of age and gender, who is a resident of India, may voluntarily enroll to obtain Aadhaar number based on demographic and bio-metric information.
Aadhar number is very sensitive information by which we can track an individual complete information. Generally bank asked for aadhar number while authenticate a person.
Complete Source Code : How to mask Aadhar Card Number on web page
The passport serves as proof of your identity and your nationality which itself can be advantageous depending on your destination. As such, you should prioritize its security above all else when you travel overseas.
Consequences of Passport Number Identity Theft
Under no circumstances should you disclose any sensitive information regarding yourself, passport number included. It may just be a jumble of digits but it’s a very valuable commodity for criminals if they even get their hands on it.
There are lots of consequences of passport identity theft as below:
- A criminal could easily manufacture a passport with passport number, full legal name , date of birth and another person’s picture on it. This may not get them into the US (easily) but it could conceivable get them to a country nearby and then from there they could travel to the US or travel on others countries.
- Criminal all over the world can use others stolen passport to commit a crime or do anything on others name.
- The passport is use as an identity official documents if you don’t have driving license. Think about if someone using fraud passport and make some accident on road.
- The fraud passport with your personal information full legal name, date of birth (available in facebook) , another person picture and address used to impersonate you. This fraud passport can be used as identity proof to open and access your credit / debit cards, social security, email, medical records, your character, your tax records.
- A lot of passports have a chip too, which stores all your personal data.
Complete Source Code :How to mask Passport on web page
SSN (Social Security Number)
In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary working (Some Visa holders) to track individuals for social security purposes and also used as national identification number by financial institutions to authenticate a person to setup bank accounts, credit cards , loans and tax filing.
Complete Source Code :How to mask SSN (Social Security Number) on web page
ITIN (Individual Taxpayer Identification Number) numbers are issued by the IRS (Internal Revenue Service) to individuals who do not have, and are not eligible to obtain, a valid U.S. Social Security Number, but who are required by law to file a U.S. Individual Income Tax Return.
ITIN is a nine digit number and always begins with the number 9 and has a 7 or 8 in the fourth digit, such as 9XX-7X-XXXX. 4th and 5th digits, also known as second section (xxx-xx-xxxx), range from 70 to 88, 90 to 92 and 94 to 99.
Complete Source Code :How to mask ITIN on web page
DOB (Date of Birth)
Scammers, fraudsters, and identity thieves can wreak havoc with just your name, date of birth (DOB), and address. Fraudsters need just these three key bits of information to steal your identity and access your accounts, take out loans, credit cards, mobile phones in your name. These can be found on social media profiles, such as Facebook. And if your settings are not private or masked, this is available for anyone to see.
That’s what generally organizations while asking for date of birth masked years part or complete date so that not share by anyone except person working on web page.
Complete Source Code :How to mask DOB (Date of Birth) on web page
Pincode/ Zipcode/ Postalcode
A lot of information that you share freely, such as your date of birth, phone number, ZIP code and email address, are very valuable to criminals. Think of how many accounts require you to verify your identity by entering in your birthday or your ZIP code before making a transaction.
Alone, your ZIP code might not be of much value all by itself, but criminals will take that information and post it on underground sites where they buy, sell and trade bunches of personal information. From those sites, criminals can purchase enough of your personal information to use it for fraud.
Complete Source Code :How to mask Pincode/Zipcode /Postal Code on web page
IP (Internet Protocol)
The reason to hide your IP address is simply for more privacy and to prevent misuse of your personal information. Whenever you access a website, the server you connect to logs your IP address and attaches it to all the other data the site can learn about you: your browsing habits, what you click on, how long you spend looking at a particular page. They then sell this data to advertising companies who use it to tailor ads straight to you. This is why ads on the internet sometimes feel oddly personal: it’s because they are. Your IP address can also be used to track your location, even when your location services are turned off.
Complete Source Code :How to mask IP (Internet Protocol) on web page
Driving License Number
In United states, Driving License is second social security identity after SSN. It should be hide and not shared with any one because having access to that one number can provide an identity thief with several pieces of information they want to know about you.
- With Driving License card, someone knows your birth date, address, and even your height, eye color, and signature.
- If someone gets your driver’s license number, it is also big concern because it’s connected to your vehicle registration and insurance policies, as well as records on file with the Department of Motor Vehicles, place of employment (that keep a copy of your driver’s license on file), doctor’s office, government agencies, and other entities.
Complete Source Code :How to mask Driving License Number on web page