Redaction Entities Configuration API
Feature Release
This is the announcement for an upcoming ASAPP feature. Your ASAPP account team will provide a target release date and can direct you to more detailed information as needed.
Overview
AutoTranscribe is being enhanced with a new self-serve feature to support entities for its redaction service, available to ASAPP’s partners and customers. This feature allows users to independently add or delete both PCI and PII entities for redaction. Once enabled, these entities will be applied to the transcribed audio, ensuring that transcriptions are appropriately redacted and customer data remains secure. Below is a list of some sample entities: PCI (Payment Card Industry)
Entity Label | Status | Description |
|---|---|---|
CREDIT_CARD_NUMBER | auto-enabled | Credit card numbers Non-redacted: 0111 0111 0111 0111 Redacted: **** **** ****1312 Cannot be changed/updated without ASAPP’s security approval. |
CVV | auto-enabled | 3- or 4-digit card verification codes and/or equivalents Non-redacted: 561 Redacted: *** Cannot be changed/updated without ASAPP’s security approval. |
PII (Personally Identifiable Information)
Entity Label | Status | Description |
|---|---|---|
PASSWORD | auto-enabled | Account passwords Non-redacted: qwer1234 Redacted: ******* |
PIN | auto-enabled | Personal Identification Number Non-redacted: 5614 Redacted: **** |
SSN | auto-enabled | Social Security Number Non-redacted: 012-03-1134 Redacted: *--1134 |
not enabled | Email address Non-redacted: test@asapp.com Redacted: ***@asapp.cpm | |
PHONE_NUMBER | not enabled | Telephone or fax number Non-redacted: +11234567891 Redacted: *********** |
DOB | not enabled | Date of Birth Non-redacted: Jan 31, 1980 Redacted: ****** |
PROFANITY | not enabled | Profanities or banned vocabulary Non-redacted: “silly” Redacted: ***** |
Use and Impact
This feature allows users to fully customize and self-manage their own rules. With the ability to enable, disable, or delete custom redaction entities, users can tailor their security measures to align perfectly with their specific domain and business requirements. This is particularly valuable for organizations handling sensitive information such as PCI and PII data, as it enables them to create redaction rules that address their unique compliance needs. The self-service aspect of this feature allows users to adapt to changing data protection demands without relying on external support.
Some PCI rules are driven by compliance and will be enabled by default. Users must obtain AA’s approval to modify or update them.
The Redaction Entities Configuration API aims to deliver significant benefits to customers and partners
- Tailored Redaction for Enhanced Data Security: By enabling users to customize redaction entities, the redaction service can automatically apply these rules during transcription, aligning perfectly with their specific domain and business needs. This ensures precise redactions that are often missed or incorrectly handled by manual methods, thus enhancing the data security by ensuring that sensitive information is automatically redacted from transcriptions.
- Faster Configuration This feature allows for swift initial configuration, expediting the onboarding process for customers. It reduces dependency on ASAPP support teams, enabling customers to get up and running quickly and efficiently.
How It Works
The API Calls take a single conversation identifier and immediately returns an array of messages that covers the full conversation.
| Field Name | Type | Description |
|---|---|---|
| redactionEntities | array | Available redaction rules |
| redactionEntities].id | String | The id of the redaction rule. Also a human readable name. |
| redactionEntities[].name | String | Name of the redaction entity |
| redactionEntities[].description | String | Field Description |
| redactionEntities[].active | Boolean | Indicates whether the redaction rule is active |
- List redaction entities
GET /configuration/v1/redaction/redaction-entitiesSample Response{ "redactionEntities": [ { "id": "DOB", "name": "DOB", "description": "It redacts Data of birth content of data", "active": false }, { "id": "PASSWORD", "name": "PASSWORD", "description": "It redacts passwords", "active": true }, { "id": "PROFANITY", "name": "PROFANITY", "description": "It redacts words and phrases present in a list of known bad words", "active": false }, { "id": "EMAIL", "name": "EMAIL", "description": "It redacts any well-formed email address (abc@asapp.com)", "active": true }, { "id": "PHONE_NUMBER", "name": "PHONE_NUMBER", "description": "Redacts sequences of digits that could be phone numbers based on phone number formats.", "active": false }, { "id": "CREDIT_CARD_NUMBER", "name": "CREDIT_CARD_NUMBER", "description": "Redacts credit card data", "active": true }, { "id": "PIN", "name": "PIN", "description": "Redacts the pin", "active": true }, { "id": "SSN", "name": "SSN", "description": "It redacts all the digits in next few sentences containing ssn keyword", "active": true } ], "nextCursor": null, "prevCursor": null } - List current active redaction entities
GET/configuration/v1/redaction/redaction-entities?active=trueQuerying the redaction entities with the active flag shows which redaction rules are currently active. By default, all auto-enabled entities will be active for every user, however, users can update these rules to suit their individual needs Sample Response{ "redactionEntities": [ { "id": "PASSWORD", "name": "PASSWORD", "description": "It redacts passwords", "active": true }, { "id": "EMAIL", "name": "EMAIL", "description": "It redacts any well-formed email address (test@asapp.com)", "active": true }, { "id": "CREDIT_CARD_NUMBER", "name": "CREDIT_CARD_NUMBER", "description": "Redacts credit card data", "active": true }, { "id": "PIN", "name": "PIN", "description": "Redacts the pin", "active": true }, { "id": "SSN", "name": "SSN", "description": "It redacts all the digits in next few sentences containing ssn keyword", "active": true } ], "nextCursor": null, "prevCursor": null } - Fetch a redaction entity:
GET /configuration/v1/redaction/redaction-entity/\{entityId\}Sample ResponseHTTP 200 // Returns the redaction entity resource. - Activate or Disable a redaction entity
Change an entity to active or not by setting the active flag.
PATCH /configuration/v1/redaction/redaction-entity/\{entityId\}Sample Request BodyOn success, returns HTTP 200 and the Redaction entity resource. Sample Response{ "active":true }{ "id": "PASSWORD", "name": "PASSWORD", "description": "It redacts passwords", "active": true }
FAQs
- What is an entity? In the context of redaction, an entity refers to a specific type or category of information that you want to remove or obscure from the response text. Entities are the “labels” for the pieces of information you want redacted. For example, “NAME” is an entity that represents personal names, “ADDRESS” represents physical addresses, and “ZIP” represents postal codes. When you wish to redact, you specify which entities you want redacted from your text.
- Can I delete existing redaction entities? Users can only enable or disable the predefined entities listed in the previous section. Due to PCI compliance regulations, two entities (CREDIT_CARD_NUMBER and CVV) are initially disabled and can only be removed through ASAPP’s compliance process. All other entities are not enabled by default, but users have the flexibility to enable any of these according to their specific requirements. Users cannot create new entities or modify existing ones; they can only control the activation status of the predefined set.
- What is the accuracy of the redaction service of ASAPP? Our redaction service currently supports over 50 Out of the box (OOTB) entities, with the flexibility to expand and update this set as required. For specific entity customization, including enabling or disabling particular entities or suggesting new entities to tailor to your specific needs, please contact ASAPP’s support team.