Custom PII Masking and Blocking Using Your Own Security API
Organizations often exchange sensitive information while communicating with customers. This may include personal identifiers, financial information, identification numbers, or confidential documents. For enterprises that operate under strict security and compliance requirements, protecting this information is essential.
Enterprise Security allows organizations to control how sensitive data is handled in conversations. By connecting a custom Security API, businesses can detect and manage Personally Identifiable Information (PII) in both text messages and media. Based on the organization’s rules, sensitive information can either be masked or blocked before it is stored or shared.
Availability
Enterprise Security is available only for Enterprise accounts.
If your DoubleTick account is on the Enterprise plan, you will be able to access and configure this feature from your settings.
Accounts using the Starter or Pro plans will not see this option. If you want to use Enterprise Security, you must upgrade your account to the Enterprise plan. Once upgraded, the feature can be enabled and configured.
Only the Primary Owner of the account can access and modify Enterprise Security settings.

What is Enterprise Security?
Enterprise Security allows organizations to integrate their own Security API with DoubleTick.
This API determines:
- What qualifies as sensitive data
- How it should be detected
- What action should be taken when it is found
Whenever a message or media file is sent or received, it is checked through this API. The API analyzes the content using the organization’s internal rules and returns the appropriate response.
Based on this response, the system either masks the sensitive data or blocks the message or media.
All detection logic remains within the organization’s own system, ensuring full control over security and compliance policies.
How Enterprise Security Works
Enterprise Security connects DoubleTick with the organization’s existing security systems.
The process works as follows:
1. The organization provides a Security API endpoint.
2. Every text message or media file is sent to this API.
3. The API analyzes the content using the organization’s detection rules.
4. The API returns a response indicating whether sensitive data is detected.
5. Based on the configured mode, the system either masks the information or blocks the content.
This ensures that enterprise security policies are enforced automatically across conversations.
Security Actions
Organizations can choose how sensitive information should be handled.
Mask
Sensitive data is hidden before the message or media is stored or shared.
Example: A phone number such as 9876543210 may appear as XXXXXXXX10.
The message is delivered, but sensitive information remains protected.
Reject
Messages or media containing sensitive information are blocked completely. If sensitive data is detected, the message or file will not be sent.
This option is suitable for organizations that require strict control over data transmission.
Protection for Text and Media
Enterprise Security works for both text messages and media files.
Text Messages
Text messages sent by agents or customers are analyzed by the Security API. If sensitive information is detected, the message is either masked or rejected based on the configured settings.
Media Files
Media such as images or documents can also contain sensitive data. These files are checked through the Security API before they are stored or shared.
If sensitive data is detected, the media can be blocked or blurred depending on the configuration.
Examples of Sensitive Data That Can Be Protected
Organizations can define what type of information should be protected. Common examples include:
- Credit card numbers
- Bank account numbers
- One-time passwords (OTP)
- Government identification numbers
- Personal identity documents
- Any custom sensitive fields defined by the organization
For example, an Indian bank may configure the system to detect and protect:
- Aadhaar card numbers
- PAN card numbers
- Credit card numbers
- Bank account numbers
Sensitive information inside images or documents can also be masked.
Example Use Case
A company may decide that customer phone numbers should not be visible to agents.
If a customer sends a phone number in a message, the Security API detects the number and masks it before storing or displaying it.
Example:
Original message: My phone number is 9876543210
Stored message: My phone number is XXXXXXXX10
This allows the conversation to continue while keeping the sensitive data protected.
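The following sketch shows the kind of detection logic an organization's own Security API could run to produce the Mask and Reject outcomes described above. It is an added example, not DoubleTick code and not DoubleTick's request or response format: the function names, the returned fields, the card-number rule and the keep-last-4 card masking are all assumptions made for illustration.

```python
import re

# Assumed rules (each organization defines its own): a phone number is a
# standalone run of 10 digits, a card number is 13-19 digits that pass Luhn.
PHONE_RE = re.compile(r"(?<!\d)\d{10}(?!\d)")
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits):
    """Luhn checksum; cuts false positives on long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask_keep_last(value, keep):
    """Replace all but the last `keep` digits with X; separators are kept."""
    hide = sum(c.isdigit() for c in value) - keep
    out = []
    for c in value:
        if c.isdigit() and hide > 0:
            out.append("X")
            hide -= 1
        else:
            out.append(c)
    return "".join(out)

def evaluate(text, mode):
    """Hypothetical decision function; mode is 'mask' or 'reject'."""
    findings = []

    def card_sub(m):
        if not luhn_ok(re.sub(r"\D", "", m.group())):
            return m.group()                # not a valid card number, leave as is
        findings.append("card_number")
        return mask_keep_last(m.group(), 4)  # keep-last-4 is an assumption

    def phone_sub(m):
        findings.append("phone_number")
        return mask_keep_last(m.group(), 2)  # matches the page: XXXXXXXX10

    masked = PHONE_RE.sub(phone_sub, CARD_RE.sub(card_sub, text))
    if not findings:
        return {"action": "allow", "text": text, "findings": []}
    if mode == "reject":                    # block the whole message, return no content
        return {"action": "reject", "text": None, "findings": findings}
    return {"action": "mask", "text": masked, "findings": findings}

# Constructed sample input
print(evaluate("My phone number is 9876543210", "mask"))
```

In reject mode the function returns no message text at all, so the sensitive value is not echoed back to the caller.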
Enterprise Security enables organizations to enforce their own data protection policies while communicating with customers. By integrating existing security systems with DoubleTick, enterprises can ensure that sensitive information is consistently protected across conversations.