How to protect customer data (Data Obfuscation)

Data obfuscation, also known as data masking, is a security feature that allows you to replace potentially sensitive data with generic characters to ensure that sensitive information is safe. You can set data (for example, credit card numbers, social security or personal ID numbers, telephone numbers) to be replaced by generic characters either in real-time or once the chat has ended.

This feature is part of the Chat Window setup, meaning that you cannot use data obfuscation in channels other than chat. A chat window controls the look and feel and advanced behavior of the interface that is opened when a customer clicks an associated button or link.

Create or edit a chat window, as follows:
1. In the Web Admin Center, go to Channels > Chat > Chat Windows.
2. Select an existing chat window or click Create New.

On the Message content tab, select Conceal sensitive information and then choose the following options:

Option	Description
What to Conceal	Select All numeric strings to conceal all recognized number sequences, such as credit card, social security and phone numbers. Select Only credit card formats to mask user input that conforms to standard credit card number formats. When this feature is in use, a credit card number such as 12345-12345-12345 is stored as xxxxx-xxxxx-xxxxx. Numbers grouped as follows are considered credit card numbers: 3-4-4-2 4-4-3-2 4-4-4-4 4-6-4 4-6-5 Note: Currently, the following numbers are concealed as they are considered to be credit card numbers: 13 digits starting with 4,5, or 6 14 digits starting with 3,5, or 6 15 digits starting with 1,2,3,5,6, or 8 16 digits starting with 2,3,4,5,6,8, or 9 17 digits starting with 3,5,6, or 8 18 digits starting with 3,5,6, or 8 19 digits starting with 3,5,6, or 8
When to Conceal	Select Only upon close to allow data to be seen during chat, but then hidden after close. Select Immediately, but not from customer and agent to allow only the assigned agent to see the information. Select Immediately, from everyone to hide the information from everyone.

Option

Description

What to Conceal

Select All numeric strings to conceal all recognized number sequences, such as credit card, social security and phone numbers.
Select Only credit card formats to mask user input that conforms to standard credit card number formats. When this feature is in use, a credit card number such as 12345-12345-12345 is stored as xxxxx-xxxxx-xxxxx.
Numbers grouped as follows are considered credit card numbers:
- 3-4-4-2
- 4-4-3-2
- 4-4-4-4
- 4-6-4
- 4-6-5

Note: Currently, the following numbers are concealed as they are considered to be credit card numbers:

13 digits starting with 4,5, or 6
14 digits starting with 3,5, or 6
15 digits starting with 1,2,3,5,6, or 8
16 digits starting with 2,3,4,5,6,8, or 9
17 digits starting with 3,5,6, or 8
18 digits starting with 3,5,6, or 8
19 digits starting with 3,5,6, or 8

When to Conceal

Select Only upon close to allow data to be seen during chat, but then hidden after close.
Select Immediately, but not from customer and agent to allow only the assigned agent to see the information.
Select Immediately, from everyone to hide the information from everyone.

Save your changes.

Remember: To implement a chat window, you must associate it with a chat button definition.

What are best practices for data obfuscation?

We recommend enabling data obfuscation. The exact settings to configure depend on the organization; however, our recommendation is to encrypt all numeric strings, but "only upon close". This will allow agents and customers to see all numbers in the chat but will encrypt after the conversation. That being said, certain organizations may not accept credit card numbers over chat so it may make sense to encrypt credit card numbers "immediately, from everyone".

Customers who request a transcript and see encrypted numeric strings will have more confidence that their data is safe with you and your organization, leading to higher customer satisfaction. Stronger security and compliance with PCI and other standards.