PII Data Encryption

MoEngage allows the encryption of user and event attributes marked as Personally Identifiable Information (PII). Any attribute with data encryption enabled will also have masking enabled by default. Such attributes are not shown on and cannot be downloaded from the MoEngage dashboard.

Enabling PII Data Encryption

You can enable data encryption for all user and event attributes except a list of reserved ones that cannot be encrypted. For more information, refer to the list of reserved attributes for which data encryption is not supported.

info

Note

Attributes marked as encrypted once cannot be de-encrypted or unmasked.
Users with Admin roles can see the attributes in their encrypted form. User with other roles cannot see the encrypted attributes (they are locked in the user profile, reporting, analytics, and segmentation screens).
Once encryption is turned on, it may take up to fifteen minutes for the new settings to get reflected.
An encrypted attribute can only be exported in reports if you have admin access. The attribute will be exported in its encrypted format.

To enable PII Data Encryption for a user attribute, follow these steps:

Navigate to Settings -> Data Management in the MoEngage Dashboard.
Click on the User attributes tab to access user attributes.
Search the desired user attribute.
Select desired attributes and mark them as PII by clicking on 'Yes' in the Data Encryption section of the PII dropdown above the header in the Action bar.
Or, for the desired user attribute, click on the 3 dot button on the right, and then click on Edit to access the different actions.
In the Edit user attribute that opens, turn on the Encrypt attribute toggle in the Data privacy configuration section.
Click Save.

To enable PII Data Encryption for an event attribute, follow these steps:

Navigate to Settings -> Data Management in the MoEngage Dashboard.
Click on the Events tab to access events and event attribute
Select or search the desired event, and click on that event to access the desired attribute
For the desired attribute, click on the 3 dot button on the right, then click on Edit to access the different actions.
On the 'Edit Event' popup, select the Event Attributes tab to access the event attributes.
Select the desired event attribute and click on the 3 dots button on the right, and click on Edit.
In the Edit event attribute that opens, turn on the Encrypt attribute toggle in the Data privacy configuration section.
Click Save.

Accessing PII Data Encrypted Attributes

PII attributes are not visible on the following screens, and they can only be exported from the MoEngage Dashboard if you have admin access. If PII Data encryption is enabled for an attribute, it is shown in the encrypted form for admin users. For users with other roles, the data is shown as ---

1. 1. User Search
    Navigation: Create Segment -> Search bar at the top right corner -> Search User popup
  2. User Profile
    Navigation: Create Segment -> Search bar at the top right corner -> Search User popup -> Click on the Name hyperlink on the desired user's row. For more information, refer to User Profile
    
    User Info Tab
    
    Activity Info Tab
  3. Recent events
    Navigation: Test & Debug -> Recent Events
  4. Value Suggestions
    Value suggestions are not shown for the PII marked attribute on Segmentation and Analytics pages.
  5. Segmentation Filters
    Only two operators are allowed for PII Data Encrypted attributes: exists and does not exist in the segmentation filters.
    
    Segment -> Create Segment Navigation
    
    Segmentation Filters in Campaign Creation
  6. Test Users
    Navigation: Test & Debug -> Test users

Non-Dashboard Functionality

Features outside the MoEngage dashboard do not support PII Data Encryption. Hence, PII Data Encryption is unavailable for Open Analytics, S3 Exports, and MoEngage Streams.

These features are not available by default, require manual enablement, and will be enabled on request. Please provide your team access to these features per your security and data needs.

List of Attributes Not Supported for Encryption

User Attributes

1. 1. Reachability Push Android (moe_rsp_android)
  2. Reachability Push iOS (moe_rsp_ios)
  3. Reachability Push Web (moe_rsp_web)
  4. Reachability Push (moe_rsu)
  5. Spam
  6. Unsubscribe
  7. Push Preference Changed iOS
  8. SMS Subscription Status
  9. Install Status
  10. Push Opt In Status (iOS)
  11. MoEngage ID
  12. moe_dtzo - User Time Zone offset
  13. All of Lifecycle category attributes
  14. All of Uninstall category attributes

Event Attributes

1. 1. source
  2. appVersion
  3. SDKversion
  4. Platform
  5. Parent Campaign Id (moe_c_pid)
  6. Parent Flow Id (moe_f_pid)
  7. Parent Flow Name (moe_f_pname)
  8. Campaign Content Type (moe_campaign_content_type)
  9. Locale Id (moe_locale_id)
  10. Locale Name (moe_locale_name)
  11. Variation Key (moe_variation_id)
  12. Campaign Tags (moe_campaign_tags)
  13. BTS (moe_bts_type)
  14. Control Group (moe_control_group_type)
  15. Readable Campaign Id (moe_campaign_id)
  16. Campaign Name (moe_campaign_name)
  17. Campaign Type (moe_campaign_type)
  18. Delivery Type (moe_delivery_type)