Step 2: Encrypt Customer PII Data

The pattern you used to encrypt credit card numbers can be applied to any piece of Personally Identifiable Information (PII). In this step, you will extend your pipeline to also encrypt the ssn and email fields.

The Goal

You will enhance your existing processor to also:

  1. Encrypt the ssn and email fields.
  2. Extract ssn_last_four and email_domain for analytics.
  3. Delete the original ssn and email fields.

Implementation

  1. Start with the Previous Pipeline: Copy the encrypt-card.yaml file from Step 1 to a new file named encrypt-pii.yaml.

    cp encrypt-card.yaml encrypt-pii.yaml

  2. Enhance the Encryption Processor: Open encrypt-pii.yaml. You will add more logic to the single existing mapping processor to handle the new fields. This is more efficient than creating separate processors for each field.

    # Replace the 'mapping' processor in encrypt-pii.yaml
    - mapping: |
        # --- Logic from Step 1 (Card Encryption) ---
        let clean_card = this.payment.card_number.re_replace_all("[^0-9]", "")
        # Copy the payment object without the plaintext card number first, so the
        # derived fields assigned below are not overwritten by this assignment.
        root.payment = this.payment.without("card_number")
        root.payment.card_number_encrypted = $clean_card.encrypt_aes("gcm", env("CARD_ENCRYPTION_KEY"))
        root.payment.card_last_four = $clean_card.slice(-4)
        root.payment.card_brand = if $clean_card.has_prefix("4") { "visa" } else { "unknown" }

        # --- START: New additions for Customer PII ---

        # 2. Copy the customer object without the original plaintext PII fields.
        #    This runs before the steps below so their fields are not overwritten.
        root.customer = this.customer.without("ssn", "email")

        # 3. Encrypt SSN (if it exists)
        if this.customer.exists("ssn") {
          let clean_ssn = this.customer.ssn.re_replace_all("[^0-9]", "")
          root.customer.ssn_encrypted = $clean_ssn.encrypt_aes("gcm", env("PII_ENCRYPTION_KEY"))
          root.customer.ssn_last_four = $clean_ssn.slice(-4)
        }

        # 4. Encrypt Email (if it exists)
        if this.customer.exists("email") {
          let email_parts = this.customer.email.split("@")
          root.customer.email_encrypted = this.customer.email.encrypt_aes("gcm", env("PII_ENCRYPTION_KEY"))
          if $email_parts.length() == 2 {
            root.customer.email_domain = $email_parts.index(1)
          }
        }

        # --- END: New additions ---

    Note: This step uses a separate PII_ENCRYPTION_KEY. Ensure you have generated it and set it as an environment variable as described in the setup.mdx guide.

  3. Deploy and Test:

    # Send the sample payment data, which includes a customer object
    curl -X POST http://localhost:8080/events/payment \
    -H "Content-Type: application/json" \
    -d @/tmp/encryption-test/sample-payment.json

  4. Verify: Check your logs. You will see that in addition to the encrypted card number, the customer object now contains ssn_encrypted, ssn_last_four, email_encrypted, and email_domain, while the original ssn and email fields have been removed.
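The Verify step can be automated rather than checked by eye. The following is an added example, not part of the original tutorial or the product's own tooling: the function name `verify_customer` is hypothetical and the sample events are constructed. It checks the fields the tutorial names and also searches the whole output for the original plaintext values.

```python
import json
import re

PLAINTEXT_FIELDS = ("ssn", "email")
DERIVED_FIELDS = ("ssn_encrypted", "ssn_last_four", "email_encrypted", "email_domain")


def verify_customer(output_event, original_event):
    """Return a list of problems in a processed event; an empty list means it passed."""
    problems = []
    customer = output_event.get("customer", {})
    original = original_event.get("customer", {})

    for field in PLAINTEXT_FIELDS:
        if field in customer:
            problems.append(f"plaintext field still present: customer.{field}")
    for field in DERIVED_FIELDS:
        if field not in customer:
            problems.append(f"missing field: customer.{field}")

    if not re.fullmatch(r"[0-9]{4}", str(customer.get("ssn_last_four", ""))):
        problems.append("ssn_last_four is not exactly four digits")
    if "@" in str(customer.get("email_domain", "")):
        problems.append("email_domain holds more than the domain")

    # Leak check: the original values must not appear anywhere in the output,
    # not only under customer.ssn / customer.email.
    serialized = json.dumps(output_event)
    ssn_digits = re.sub(r"[^0-9]", "", original.get("ssn", ""))
    for label, value in (("ssn", original.get("ssn")), ("ssn digits", ssn_digits),
                         ("email", original.get("email"))):
        if value and value in serialized:
            problems.append(f"original {label} value found in output")
    return problems


# Constructed sample events (not real data, not output captured from the pipeline).
ORIGINAL = {"customer": {"name": "Test User", "ssn": "000-12-3456",
                         "email": "test.user@example.com"}}
GOOD = {"customer": {"name": "Test User",
                     "ssn_encrypted": "CIPHERTEXT_PLACEHOLDER", "ssn_last_four": "3456",
                     "email_encrypted": "CIPHERTEXT_PLACEHOLDER",
                     "email_domain": "example.com"}}
# What the output looks like if the plaintext email is not stripped.
LEAKY = {"customer": dict(GOOD["customer"], email="test.user@example.com")}

if __name__ == "__main__":
    for name, event in (("GOOD", GOOD), ("LEAKY", LEAKY)):
        print(name, verify_customer(event, ORIGINAL) or "ok")
```
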

By extending the existing processor, you have efficiently added more PII protection to your pipeline. This pattern can be repeated for any number of sensitive fields.