Data masking in Session Replay - Mobile Apps

Personal data masking helps prevent unnecessary data from being sent to Contentsquare by masking personal data when it could be collected by Session Replay. This includes replacing masked text and images with a blur effect, placeholders, or “lalala” for example.

By default, the Contentsquare SDK masks all content displayed on your user interface (UI). However, there are masking mechanisms available that allow you to be more specific about what is/isn’t masked.

Masking/Unmasking mechanisms

Having all UI content masked by default can make it difficult to analyze your app’s interface in a replay. Therefore, you are able to control which part of the user interface is collected via our masking and un-masking APIs, allowing you to only mask what’s necessary.

This typically happens during your Contentsquare implementation, with the support of your technical team (as it’s done directly in your app’s code). You can mask or unmask specific components in two ways:

• by ‘type’ (e.g. the model of the component): all instances of this model will be affected by the same masking/unmasking rule, or,

• by ‘instance’: only a specific instance of a component will be affected by the rule

You can find our technical documentation on this below:

• Personal data masking for iOS - Technical documentation
• Personal data masking for Android - Technical documentation

How masking displays in Session Replay

iOS: Before masking (left) vs full masking applied (right)

• Text is replaced with “la”
• Images are replaced with the “IMG” placeholder

Android: Before masking (left) vs full masking applied (right)

• Text and images are blurred

Full data masking by App and/or CS SDK versions

Separate from the masking/un-masking APIs above, you can also mask multiple app and/or SDK versions within the Contentsquare Console. This is primarily used if you know, or have concerns, that unnecessary personal data has been exposed, as it allows you to act quickly by applying full masking to specific app versions (and overriding your existing masking configurations).

1. Click your profile icon in the top right, followed by ‘Console’.

2. Click the ‘Data masking’ tab.

3. Under either ‘App version’ or ‘SDK version’ enter the version you want to mask and hit the Enter/Return key on your keyboard.

4. Select the ‘+ Add’ button to add more versions.

5. Click ‘Apply’, followed by ‘Continue’ after noting the following onscreen information: your changes will take effect for all running sessions, either; when the app is in the background and brought back to the foreground, or, when the app is restarted. Previous configurations or masking rules defined with APIs (as above) will be overridden.

How to input multiple versions matching a pattern, or within a range

• Use the asterisk ‘*’ to define multiple versions matching an exact pattern, for example:
  • 4.* would include versions 4.1, 4.2, 4.3 etc, but not 4.1.1
  • 4.*.* would include versions 4.1.1, 4.2.2, 4.3.3 etc, but not 4.1 or 4.2 and so on…
  • 4.1.*-* would include versions 4.1-beta, 4.1.1-121, 4.1.4-1b etc
• Use the following operators to add multiple versions within a range:

Version hierarchy

Versions are compared as strings in alphabetical order, with some additional rules for numbers and “nothing”:

• Numbers (0-9) are considered before/lesser than letters (a-z)
  • 4.1.1-0 < 4.1.1-alpha (because the number “0” comes before letters “alpha”)
  • 4.1.1-alpha < 4.1.1-beta (because “alpha” comes before “beta” alphabetically)
• “Nothing” (e.g. a version without a suffix) is considered inferior to anything else, for example:
  • 4.1.1 < 4.1.1-0 (because “nothing” comes before the suffix/anything else)