Ensure that sensitive customer data is protected while monitoring mobile apps

To help you remain compliant with your data privacy policies while monitoring the performance of your mobile apps, we at Dynatrace are constantly adding new data privacy-related features.

Whether you run a small food delivery company, a mid-sized movie-streaming business, or a multinational hotel group, Dynatrace Real User Monitoring provides gapless insight into all the user journeys of the customers of your app, from the frontend to the backend. Thus, you can proactively resolve issues and ensure that your applications meet your business goals. But your applications often contain sensitive data that must be kept secure and in compliance with your company’s security policies. To remain compliant, you need to ensure protection for certain types of data and specific attributes that may contain personally identifiable information (PII).

We’ve developed Dynatrace Real User Monitoring with data privacy regulations and laws in mind (for example, GDPR in Europe, the California Consumer Privacy Act, and others). While Dynatrace captures the user experience of each end user interaction with your application (button clicks, page loads, timings, URLs of all web requests, etc.), it also provides these protection mechanisms for sensitive end user data:

  • URL exclusions
  • IP address masking
  • Location data masking
  • User input masking in Session Replay (and elsewhere)

To help you remain compliant with your data privacy policies while monitoring the performance of your applications, we at Dynatrace are constantly adding new data privacy-related features.

Below is a typical scenario where a customer needs to modify their mobile app instrumentation to avoid capturing PIN codes.

The challenge: Mask PIN codes in user actions

Let’s say that your app requires your customers to enter a PIN code to confirm their identity. To facilitate entering of the PIN code, your app shows an on-screen keypad image that includes buttons labelled 0 to 9 (see below). Once you apply auto-instrumentation, OneAgent for mobile automatically records a user action whenever the user touches a control on this screen, using the page caption as a value for the user action name. In this scenario, this approach leads to the creation of user actions with names like Touch on 1. If you were to view these user actions in the context of a user session, you would be able to determine the customer’s actual pin code!

Solution #1: Sanitize sensitive data at collection time

You don’t want sensitive data like PIN codes showing up in your performance monitoring solution because, in addition to being a liability, such details provide no value in terms of understanding how you can improve the performance of your applications. The best way to address this situation is to avoid sending the data to Dynatrace in the first place.

The solution here is to modify all action names that show specific keypad values with asterisks (for example, Touch on 1 becomes Touch on *). With OneAgent SDK for Android version 8.189, we’ve introduced an API that allows you to modify user action names that are captured by OneAgent for Android. On iOS, you can use the custom control names feature, which allows you to define an alternative name that is to be used instead of the caption. This approach ensures that the PIN code won’t be sent to Dynatrace in the first place.

Solution #2: Sanitize sensitive data at processing time

It might not always be possible to make all the required code changes in your app, or you may miss an issue that’s only discovered after deployment. For such situations, there is another way you can sanitize customer data—by leveraging user action naming rules. Naming rules are applied on every user action at processing time. In this way, action names can be irreversibly masked. This means, that the original names won’t even be stored; this makes it impossible to restore the PIN number by viewing the user sessions.

To define a regex pattern that matches all PIN entry actions and an alternative name, go to Mobile app settings > Naming rules > Add naming rule. The preview allows you to confirm that the naming rule works as intended before you apply it.

Note: This approach won’t avoid having the PIN code entry sent to Dynatrace, but it will ensure that Dynatrace never stores the value.

What’s next

Does the above-mentioned scenario remind you of any of your own data privacy challenges? Dynatrace Help contains a lot of additional information regarding how to properly configure Dynatrace so that your organization remains compliant with applicable governmental regulations like GDPR and CCPA. And, of course, we’re constantly improving Dynatrace capabilities to ensure maximum visibility while honoring your end users’ privacy.

If you have additional requirements regarding sensitive data or PII, please reach out to us by posting your response in the Dynatrace Answers user forum.

Stay updated