MoEngage allows the encryption of user and event attributes marked as Personally Identifiable Information (PII). Any attribute with data encryption enabled will also have masking enabled by default. Such attributes are not shown on and cannot be downloaded from the MoEngage dashboard.
Enabling PII Data Encryption
You can enable data encryption for all user and event attributes except a list of reserved ones that cannot be encrypted. For more information, refer to the list of reserved attributes for which data encryption is not supported.
| info |
Note
|
To enable PII Data Encryption for a user attribute, follow these steps:
- Navigate to Settings -> Data Management in the MoEngage Dashboard.
- Click on the User attributes tab to access user attributes.
- Search the desired user attribute.
- Select desired attributes and mark them as PII by clicking on 'Yes' in the Data Encryption section of the PII dropdown above the header in the Action bar.
- Or, for the desired user attribute, click on the 3 dot button on the right, and then click on Edit to access the different actions.
- In the Edit user attribute that opens, turn on the Encrypt attribute toggle in the Data privacy configuration section.
- Click Save.
To enable PII Data Encryption for an event attribute, follow these steps:
- Navigate to Settings -> Data Management in the MoEngage Dashboard.
- Click on the Events tab to access events and event attribute
- Select or search the desired event, and click on that event to access the desired attribute
- For the desired attribute, click on the 3 dot button on the right, then click on Edit to access the different actions.
- On the 'Edit Event' popup, select the Event Attributes tab to access the event attributes.
- Select the desired event attribute and click on the 3 dots button on the right, and click on Edit.
- In the Edit event attribute that opens, turn on the Encrypt attribute toggle in the Data privacy configuration section.
- Click Save.
Accessing PII Data Encrypted Attributes
PII attributes are not visible on the following screens, and they can only be exported from the MoEngage Dashboard if you have admin access. If PII Data encryption is enabled for an attribute, it is shown in the encrypted form for admin users. For users with other roles, the data is shown as ---
-
-
-
User Search
Navigation: Create Segment -> Search bar at the top right corner -> Search User popup
-
User Profile
Navigation: Create Segment -> Search bar at the top right corner -> Search User popup -> Click on the Name hyperlink on the desired user's row. For more information, refer to User Profile
User Info Tab
Activity Info Tab
-
Recent events
Navigation: Test & Debug -> Recent Events
-
Value Suggestions
Value suggestions are not shown for the PII marked attribute on Segmentation and Analytics pages.
-
Segmentation Filters
Only two operators are allowed for PII Data Encrypted attributes: exists and does not exist in the segmentation filters.
Segment -> Create Segment Navigation
Segmentation Filters in Campaign Creation
-
Test Users
Navigation: Test & Debug -> Test users
-
User Search
-
| Channel Name | Support for Sending (decrypting encrypted Sender ID before sending) | Support for Personalization Preview (in encrypted format) | Support for Personalization (when an encrypted User Attributes is used in personalization) |
|---|---|---|---|
| Yes | Yes | Yes | |
| Push | Not applicable | Yes | Yes |
| SMS | Yes | Yes | Yes |
| Yes | Yes | Yes | |
| Facebook Audience | Not built | Not applicable | Not applicable |
| Google Ads | Not built | Not applicable | Not applicable |
| Connectors | Not applicable | Not applicable | Yes |
| In-app Messaging | Not applicable | Yes | Yes |
| On-site Messaging | Not applicable | Not applicable | Yes |
| Cards | Not applicable | Not applicable | Yes |
Non-Dashboard Functionality
PII encrypted data is available for Open Analytics, S3 Exports, and MoEngage Streams, and data is not decrypted before use/export. These features are not available by default, require manual enablement, and will be enabled on request. Please provide your team access to these features per your security and data needs.
List of Attributes Not Supported for Encryption
User Attributes
-
-
- Reachability Push Android (moe_rsp_android)
- Reachability Push iOS (moe_rsp_ios)
- Reachability Push Web (moe_rsp_web)
- Reachability Push (moe_rsu)
- Spam
- Unsubscribe
- Push Preference Changed iOS
- SMS Subscription Status
- Install Status
- Push Opt In Status (iOS)
- MoEngage ID
- moe_dtzo - User Time Zone offset
- All of Lifecycle category attributes
- All of Uninstall category attributes
-
Event Attributes
-
-
- source
- appVersion
- SDKversion
- Platform
- Parent Campaign Id (moe_c_pid)
- Parent Flow Id (moe_f_pid)
- Parent Flow Name (moe_f_pname)
- Campaign Content Type (moe_campaign_content_type)
- Locale Id (moe_locale_id)
- Locale Name (moe_locale_name)
- Variation Key (moe_variation_id)
- Campaign Tags (moe_campaign_tags)
- BTS (moe_bts_type)
- Control Group (moe_control_group_type)
- Readable Campaign Id (moe_campaign_id)
- Campaign Name (moe_campaign_name)
- Campaign Type (moe_campaign_type)
- Delivery Type (moe_delivery_type)
-
FAQs
1. How is PII Encryption different from PII Masking?
PII masking simply masks the values on the MoEngage dashboard UI and does not encrypt the values during storage.
2. Can I mask an attribute but not encrypt it?
Yes. Go to: Settings > Data management > Edit Events/User attributes > Data Privacy Configuration > Masking
To enable PII encryption - please get in touch with the Support team. Once enabled, you will see the Encrypt Attribute option under Settings > Data management > Edit Events/User attributes > Data Privacy Configuration