Description
The Process
Global built-in Data Types for Avanan Smart DLP:
Global built-in Data Types
Data Type | Description |
Advertising identifier | Identifiers used by developers to track users for advertising purposes. These include Google Play Advertising IDs, Amazon Advertising IDs, Apple's identifierForAdvertising (IDFA), and Apple's identifierForVendor (IDFV). |
Age of an individual | An age measured in months or years. |
Credit card number | A credit card number is 12 to 19 digits long. They are used for payment transactions globally. |
Credit Card Extended | Credit card numbers that match even if appearing as substrings. For example, AX123412345612345*1234 |
Credit card track number | A credit card track number is a variable length alphanumeric string. It is used to store key cardholder information. |
Date of birth | A date of birth. |
Domain name | A domain name as defined by the DNS standard. |
Email address | An email address identifies the mailbox that emails are sent to or from. The maximum length of the domain name is 255 characters, and the maximum length of the local-part is 64 characters. |
Ethnic group | A person’s ethnic group. |
Female name | A common female name. |
First name | A first name is defined as the first part of a Person Name. |
Gender | A person’s gender identity. |
Generic id | Alphanumeric and special character strings that may be personally identifying but do not belong to a well-defined category, such as user IDs or medical record numbers. |
IBAN Americas | An International Bank Account Number (IBAN) is an internationally agreed-upon method for identifying bank accounts defined by the International Standard of Organization (ISO) 13616:2007 standard. An IBAN consists of up to 34 alphanumeric characters, including elements such as a country code or account number. This rule detects American IBAN formats. |
IBAN Asia | An International Bank Account Number (IBAN) is an internationally agreed-upon method for identifying bank accounts defined by the International Standard of Organization (ISO) 13616:2007 standard. An IBAN consists of up to 34 alphanumeric characters, including elements such as a country code or account number. This rule detects Asian IBAN formats |
IBAN Africa | An International Bank Account Number (IBAN) is an internationally agreed-upon method for identifying bank accounts defined by the International Standard of Organization (ISO) 13616:2007 standard. An IBAN consists of up to 34 alphanumeric characters, including elements such as a country code or account number. This rule detects African IBAN formats |
IBAN Europe | An International Bank Account Number (IBAN) is an internationally agreed-upon method for identifying bank accounts defined by the International Standard of Organization (ISO) 13616:2007 standard. An IBAN consists of up to 34 alphanumeric characters, including elements such as a country code or account number. This rule detects European IBAN formats |
HTTP cookie and set-cookie headers | An HTTP cookie is a standard way of storing data on a per website basis. This detector will find headers containing these cookies. |
ICD9 code | The International Classification of Diseases, Ninth Revision, Clinical Modification (ICD-9-CM) lexicon is used to assign diagnostic and procedure codes associated with inpatient, outpatient, and physician office use in the United States. The US National Center for Health Statistics (NCHS) created the ICD-9-CM lexicon. It is based on the ICD-9 lexicon, but provides for more morbidity detail. The ICD-9-CM lexicon is updated annually on October 1. |
ICD10 code | Like ICD-9-CM codes, the International Classification of Diseases, Tenth Revision, Clinical Modification (ICD-10-CM) lexicon is a series of diagnostic codes. The World Health Organization (WHO) publishes the ICD-10-CM lexicon to describe causes of morbidity and mortality. |
Patient Information | Detects leaked medical patient information. The detection is based on matching health codes and various personal information patterns. |
Phone IMEI number | An International Mobile Equipment Identity (IMEI) hardware identifier, used to identify mobile phones. |
IP address | An Internet Protocol (IP) address (either IPv4 or IPv6). |
Last name | A last name is defined as the last part of a Person Name. |
Street addresses and landmarks | A physical address or location. |
MAC address | A media access control address (MAC address), which is an identifier for a network adapter. |
Local MAC address | A local media access control address (MAC address), which is an identifier for a network adapter. |
Male name | A common male name. |
Medical term | Terms that commonly refer to a person's medical condition or health. |
Organization name | A name of a chain store, business or organization. |
Passport Number | A passport number that matches passport numbers for the following countries: Australia, Canada, China, France, Germany, Japan, Korea, Mexico, The Netherlands, Poland, Singapore, Spain, Sweden, Taiwan, United Kingdom, and the United States. |
Person name | A full person name, which can include first names, middle names or initials, and last names. |
Phone number | A telephone number. |
Street address | A street address. |
Bank SWIFT routing number | A SWIFT code is the same as a Bank Identifier Code (BIC). It's a unique identification code for a particular bank. These codes are used when transferring money between banks, particularly for international wire transfers. Banks also use the codes for exchanging other messages. |
Date or Time | A date. This Rule name includes most date formats, including the names of common world holidays. |
Human readable time | A timestamp of a specific time of day, e.g. 9:54 pm. |
URL | A Uniform Resource Locator (URL). |
Vehicle identification number | A vehicle identification number (VIN) is a unique 17-digit code assigned to every on-road motor vehicle. |
Authentication token | An authentication token is a machine-readable way of determining whether a particular request has been authorized for a user. This detector currently identifies tokens that comply with OAuth or Bearer authentication. |
Amazon Web Services credentials | Amazon Web Services account access keys. |
Azure JSON web token | Microsoft Azure certificate credentials for application authentication. |
HTTP Basic authentication header | A basic authentication header is an HTTP header used to identify a user to a server. It is part of the HTTP specification in RFC 1945, section 11. |
Encryption key | An encryption key within configuration, code, or log text. |
Google Cloud Platform API key | Google Cloud API key. An encrypted string that is used when calling Google Cloud APIs that don't need to access private user data. |
Google Cloud Platform service account credentials | Google Cloud service account credentials. Credentials that can be used to authenticate with Google API client libraries and service accounts. |
JSON web token | JSON Web Token. JSON Web Token in compact form. Represents a set of claims as a JSON object that is digitally signed using JSON Web Signature. |
Password | Clear text passwords in configs, code, and other text. |
Top 100,000 most common weakly hashed passwords | A weakly hashed password is a method of storing a password that is easy to reverse engineer. The presence of such hashes often indicate that a system's security can be improved. |
Common headers containing XSRF tokens | An XSRF token is an HTTP header that is commonly used to prevent cross-site scripting attacks. Cross-site scripting is a type of security vulnerability that can be exploited by malicious sites. |
Country Specific Data Types
Australia
Data Type name | Description |
Australia driver’s license number | An Australian driver's license number. |
Australia medicare number | A 9-digit Australian Medicare account number is issued to permanent residents of Australia (except for Norfolk island). The primary purpose of this number is to prove Medicare eligibility to receive subsidized care in Australia. |
Australia passport number | An Australian passport number. |
Australia tax file number | An Australian tax file number (TFN) is a number issued by the Australian Tax Office for taxpayer identification. Every taxpaying entity, such as an individual or an organization, is assigned a unique number. |
DLP Categories
The table below shows the default Data Types of each DLP category for Avanan accounts residing in different regions.
DLP Category | Default Data Type for Avanan accounts residing in US/Canada region | Default Data Type for Avanan accounts residing in other regions |
PHI | ICD9 description match | ICD9 description match |
PII | Passport number | Passport number |
Financial | Bank SWIFT routing number | Bank SWIFT routing number |
Access Control | Advertising Identifier | Advertising Identifier |
PCI | Credit card number | Credit card number |
HIPAA | ICD9 description match | ICD9 description match |