By default, VWO anonymizes all key presses to avoid storing or transmitting any personal or sensitive data to VWO servers. For this, the Anonymize all key presses option in Recordings > Settings > Configuration is checked by default.
VWO will anonymize the following fields to avoid transmitting your personal data through VWO servers:
- Three consecutive digits of phone numbers, credit card, social security, and CVV
Hide Entire Body
For added security, VWO allows you to anonymize data on the entire HTML body of a website. This can be done by enabling the Hide entire body option.
NOTE: Only the text is hidden from the recordings but not images.
Despite the default setting for anonymizing keystrokes, you can provide additional security to mask certain non-input fields where personal data could be visible. For example, order summary, Checkout page, and others. There are two ways to anonymize such non-input fields:
ANONYMIZE can be done by owner and admin and whilelist can only be done by owner.
- Add the nls_protected class
The HTML tag with the protected class will mask the content with special characters and prevent it from displaying the information on the specific area. Add the following code to the section you want to anonymize:
<input type="text" name="cc_number" class="nls_protected" />
NOTE: The fields can only be anonymized by the account owner and admin.
- Add the selector path
You can anonymize or whitelist elements on your website using a selector path.
NOTE: The fields can only be whitelisted by the account owner.
- To anonymize an element on using the selector path, go to INSIGHTS > Session Recordings.
- Click on the Settings icon present in the session recordings dashboard.
- In the settings dialog, click the EDIT button next to configuration.
- In the ANONYMIZE / WHITELIST ELEMENTS section, click Add Element.
- Enter the CSS selector path for the element you want to anonymize.
- Click Save.
ATTENTION: By default, all password fields and three consecutive digits of
any number will be anonymized. The password field will always be anonymized,
regardless of whitelisting such fields. For numerical inputs like credit
card details, social security numbers, or CVV, enabling anonymization will
replace the actual input with zeroes.