Dec 06 2023 11:35 PM
Hello, I'm just getting started with Microsoft Purview and testing some functions. In the "Information protection" section in compliance.microsoft.com portal, there is this Recommendation/suggestion notification is showed. It says "Protect these items containing credit card number", with number of items.
Is this number true? How did it know? Is it just guessing any 16 digit numbers as card numbers, or does it actually verify?
Dec 07 2023 03:03 AM
Hi @amurkoko,
Microsoft Purview serves as a comprehensive data governance service, aiding organizations in the management and safeguarding of their data. Its capabilities extend to the detection of sensitive information types (SITs), such as credit card numbers, within the context of communication compliance policies.
Purview employs sophisticated built-in classifiers, harnessing a blend of AI and keyword analysis to scrutinize communication channels for configured SITs.
In the case of credit card numbers, a stringent classification pattern is applied—requiring a match of 14 to 16 digits, which can be in formatted or unformatted states (dddddddddddddddd), and must successfully pass the Luhn test.
So, the number you see in the “Information protection” section is not a simple guess, but a result of a more sophisticated detection process.
Credit card number entity definition | Microsoft Learn
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)