Mask.
Like every other detection in TrustGate, you wire it up inline on a policy’s When condition — there’s no separate plugin screen.
Apply to prompts or responses
Data protection runs on either direction of the traffic. You control this with the condition’s Field:
| Field | What it protects | Typical use |
|---|---|---|
| Input | What the user sends to the model. | Prevent PII or secrets from being shipped to a third-party provider. |
| Output | What the model generates. | Prevent the LLM from echoing PII it learned, retrieved, or inferred. |
Where it lives in the picker
In Create Policy → When, the detection picker exposes two sibling categories for data protection:
| Category | Covers | Typical action |
|---|---|---|
| PII & Confidential | Personal and confidential entities — financial data, IDs, contact info, technical identifiers, international IDs. | Mask (most common), Block for the highest-severity entities. |
| Secrets & Keys | Credentials and machine identities — API keys, tokens, passwords, JWTs. | Block — secrets should never reach an LLM. |
Entity catalog
The catalog is grouped the same way it is in the engine. Every entity ships with a default mask placeholder that replaces the matched fragment on the wire.
Financial
| Entity | Detects | Default mask |
|---|---|---|
| Credit Card | Card numbers (all major brands). | [MASKED_CC] |
| CVV | Card verification values. | [MASKED_CVV] |
| Bank Account | Bank account numbers. | [MASKED_ACCOUNT] |
| IBAN | International Bank Account Numbers. | [MASKED_IBAN] |
| SWIFT / BIC | SWIFT/BIC codes. | [MASKED_BIC] |
| Routing Number | Bank routing numbers. | [MASKED_ROUTING] |
| Stripe Key | Stripe API keys. | [MASKED_API_KEY] |
Personal identification
| Entity | Detects | Default mask |
|---|---|---|
| SSN | US Social Security Numbers. | [MASKED_SSN] |
| Driver’s License | Driver’s license numbers. | [MASKED_LICENSE] |
| Passport | Passport numbers. | [MASKED_PASSPORT] |
| Tax ID | Tax identification numbers. | [MASKED_TAX_ID] |
Contact information
| Entity | Detects | Default mask |
|---|---|---|
| Email | Email addresses. | [MASKED_EMAIL] |
| Phone Number | Phone numbers. | [MASKED_PHONE] |
| Address | Physical addresses. | [MASKED_ADDRESS] |
| ZIP Code | Postal codes. | [MASKED_ZIP] |
Technical identifiers
| Entity | Detects | Default mask |
|---|---|---|
| IP Address | IPv4 addresses. | [MASKED_IP] |
| IPv6 Address | IPv6 addresses. | [MASKED_IP6] |
| MAC Address | MAC addresses. | [MASKED_MAC] |
| UUID | Universally unique identifiers. | [MASKED_UUID] |
| Device IMEI | Device IMEI numbers. | [MASKED_IMEI] |
| Vehicle VIN | Vehicle identification numbers. | [MASKED_VIN] |
Authentication & security (Secrets & Keys)
These are the entities surfaced under the picker’s Secrets & Keys category — block them, don’t mask them.
| Entity | Detects | Default mask |
|---|---|---|
| Password | Password fields (password=secret123, dotenv lines, etc.). | [MASKED_PASSWORD] |
| API Key | Generic API keys (api_key=…). | [MASKED_API_KEY] |
| Access Token | Bearer / access tokens. | [MASKED_TOKEN] |
| JWT Token | JSON Web Tokens. | [MASKED_JWT_TOKEN] |
Cryptocurrency
| Entity | Detects | Default mask |
|---|---|---|
| Crypto Wallet | Cryptocurrency wallet addresses. | [MASKED_WALLET] |
International IDs — Europe
| Entity | Detects | Default mask |
|---|---|---|
| Spanish DNI | Spanish national ID. | [MASKED_DNI] |
| Spanish NIE | Spanish foreigner ID. | [MASKED_NIE] |
| Spanish CIF | Spanish company tax ID. | [MASKED_CIF] |
| Spanish NSS | Spanish social security. | [MASKED_NSS] |
| Spanish IBAN | Spanish IBAN. | [MASKED_ES_IBAN] |
| French NIR | French social security. | [MASKED_FR_NIR] |
| Italian CF | Italian fiscal code. | [MASKED_IT_CF] |
| German ID | German national ID. | [MASKED_DE_ID] |
International IDs — Latin America
| Entity | Detects | Default mask |
|---|---|---|
| Brazilian CPF | Brazilian individual taxpayer ID. | [MASKED_BR_CPF] |
| Brazilian CNPJ | Brazilian company registry. | [MASKED_BR_CNPJ] |
| Mexican CURP | Mexican personal ID. | [MASKED_MX_CURP] |
| Mexican RFC | Mexican tax ID. | [MASKED_MX_RFC] |
| Argentine DNI | Argentine national ID. | [MASKED_DNI] |
| Chilean RUT | Chilean tax ID. | [MASKED_RUT] |
| Colombian CC | Colombian citizen ID. | [MASKED_CC] |
| Peruvian DNI | Peruvian national ID. | [MASKED_DNI] |
Other
| Entity | Detects | Default mask |
|---|---|---|
| US Medicare | US Medicare beneficiary IDs. | [MASKED_MEDICARE] |
| ISIN | International Securities IDs. | [MASKED_ISIN] |
| Date | Dates (various formats). | [MASKED_DATE] |
Custom entities
When the built-in catalog isn’t enough, add custom detectors for entities that matter to you — internal customer IDs, ticket numbers, project codenames, regulated case identifiers. Custom entities are defined per workspace and show up in the same When picker alongside the built-in categories. They support:
- Keyword / dictionary lists for known vocabulary.
- Regex patterns for structured identifiers (CASE-\d{6}, CUST-[A-Z0-9]{8}).
- Mask / Block / Log actions, same logs and metrics.
Masking — what Mask actually does
Picking Then → Mask on a data-protection policy does three things:
- Replaces the matched fragment in-flight with the entity’s default mask placeholder ([MASKED_EMAIL], [MASKED_CC], [MASKED_SSN], …) before the request continues. The upstream provider and the model never see the original value.
- Logs the detection with the entity type and position — but not the original value. Logs carry the placeholder (and a hash if you enable it).
- Mirrors the redaction on the return path for the same entities, so a masked prompt and the model’s response stay consistent.
Mask actively rewrites the payload, while Block and Log only inspect it.
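The sketch below is an added illustration, not TrustGate's engine or API: it applies the two custom-entity regexes quoted above plus a simplified email pattern, rewrites the text with placeholders, and emits log records that carry entity type, position and placeholder but never the matched value. The `\b` anchors, the `[MASKED_CASE]` / `[MASKED_CUST]` placeholders, the `mask` function and the keyed-hash construction are assumptions made for the example.

```python
import hashlib
import hmac
import re

# (entity, pattern, placeholder). Custom patterns are the two quoted on this
# page, with \b added (assumption) so CASE-\d{6} cannot fire inside a longer
# digit run. The email regex and the two custom placeholders are hypothetical.
DETECTORS = [
    ("Email", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), "[MASKED_EMAIL]"),
    ("Case ID", re.compile(r"\bCASE-\d{6}\b"), "[MASKED_CASE]"),
    ("Customer ID", re.compile(r"\bCUST-[A-Z0-9]{8}\b"), "[MASKED_CUST]"),
]


def mask(text, hash_key=None):
    """Return (masked_text, log_records); records never hold the raw value."""
    hits = sorted(
        (m.start(), m.end(), entity, placeholder)
        for entity, pattern, placeholder in DETECTORS
        for m in pattern.finditer(text)
    )
    out, records, cursor = [], [], 0
    for start, end, entity, placeholder in hits:
        if start < cursor:  # overlaps an earlier match: first match wins
            continue
        out += [text[cursor:start], placeholder]
        record = {"entity": entity, "start": start, "end": end,
                  "placeholder": placeholder}
        if hash_key is not None:
            # Keyed hash (assumption: the page does not say how the optional
            # hash is computed). A plain hash of an SSN or phone number could
            # be reversed by enumeration.
            value = text[start:end].encode()
            record["hash"] = hmac.new(hash_key, value, hashlib.sha256).hexdigest()
        records.append(record)
        cursor = end
    out.append(text[cursor:])
    return "".join(out), records


# Constructed sample prompt; the last token has seven digits and must survive.
SAMPLE = ("Ticket CASE-004213 for CUST-9F3K2LQ7, reply to ana@example.com; "
          "ref CASE-1234567.")

if __name__ == "__main__":
    masked, log = mask(SAMPLE, hash_key=b"constructed-demo-key")
    print(masked)
    for entry in log:
        print(entry)
```

Several built-in entities in the catalog share a placeholder ([MASKED_DNI], [MASKED_CC], [MASKED_API_KEY]), so the entity type in the log record, not the placeholder, is what tells them apart when reviewing detections.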
Using data protection in a policy
Standard Where / When / Then:
- Where — typically the Gateway surface, optionally filtered by Routes or Upstreams. Use Browser if you want the same control on extension traffic.
- When — Input · triggers · PII & Confidential: Email, Credit Card (and/or) Input · triggers · Secrets & Keys: API Key, JWT Token
- Then — Mask for PII, Block for secrets.
Mask PII, Block secrets).
Common policies
- Mask PII before any third-party LLM call — Where: Gateway · Routes /openai/*, /anthropic/* · When: Input · triggers · PII & Confidential · Then: Mask.
- Block secrets everywhere — Where: Gateway · When: Input · triggers · Secrets & Keys · Then: Block. Duplicate on Output so the model can’t echo them back.
- Strip PII from generated responses — Where: Gateway · When: Output · triggers · PII & Confidential: Email, Phone Number · Then: Mask.
- EU compliance — mask Spanish IDs on EU routes — Where: Gateway · Upstreams = eu-* · When: Input + Output · triggers · PII & Confidential: Spanish DNI, Spanish NIE, Spanish NSS, Spanish IBAN · Then: Mask.
- LatAm compliance — mask national IDs on regional routes — When: Input + Output · triggers · Brazilian CPF, Mexican CURP, Argentine DNI, Chilean RUT, Colombian CC, Peruvian DNI · Then: Mask.
- Log everything for a week, then enforce — clone any of the above with Then: Log to baseline real traffic before flipping to Mask / Block.