Hi, we have use case to ask sensitive/PII entities like PIN/OTP twice from user to ensure no fat fingering. This is quite common we face in day to day life with banking etc.
But unable to compare the 2 entities entered one after other in 2 nodes, as both entities get redacted to different values and when comparing context.entities they dont match. E.g. context.entities.PIN1===context.entities.PIN2 dont match even if both have 1234.
Tried multiple options like capturing entities with same entity name twice, bot level PII regex, Entity level Sensitive, storing in data table and retreiving, using IF within flows (using ENTITY, Context options) but none are working. Only see that the values get back to original only at the time of sending out of Kore like Service node. Pls suggest.
Senthil,
When the Sensitive Entity feature is enabled, you will not be able to manipulate or compare the redacted value. The platform is specifically designed to prevent what you are attempting to do and there is no work-around. Furthermore, I cannot recall ever being asked to re-enter a PIN or OTP in any conversational scenario and have never been asked to designed a bot to perform this function.
We do enter PIN twice when changing or setting it, this is a mandatory validation as per requirement. I guess the same reason why we enter new password twice in almost all situations. Could you pls elaborate why this may not be required?
Also to be clear I am not asking to compare redacted values but the original values. If user had mistakenly fat fingered, he has chance to fix it. Right now the only way seems to be create a service outside kore and call it just for this comparison.
I’ve tested numerous options and found that once an entity has been encrypted using the sensitivity feature, there’s very little you can do with it inside the bot. I did find one possible solution…a digital form. The form supports validation rules that allow the comparison of fields. I created a form with fields for OTP and re-enter OTP and then set the validation rules to check for a match. Unfortunately, it didn’t work as expected and I didn’t have time to troubleshoot. Maybe you can try it and let me know if you can get it to work. Note that the output form values can be set to secure. Good luck.
Thanks for trying. Unfortunately this is for a Voice bot (no chat/UI option). Also we are seeing more impacts on validations of such PII fields - not able to do basic validation of PIN example it should not be sequence, repetitive digits etc. Also similar validation for card number for Luhn algorithm (common routine to check 16 digit num is valid) is impacted. Looks like we are heading towards creating all validation services of PII outside Kore. Will BotKit help in anyway?
Yes, I believe the functionality provided by BotKit could be a viable solution.
FYI…I have a concern any time I collect a long number using the voice channel. It has been my experience that the ASR engine (all vendors) will add spaces in long numbers. People tend to speak numbers in segments and the ASR doesn’t always capture segments as a single number. I have often been forced to replace() the blanks before attempting to match the entity. This is not a concern with chat, but a huge challenge with voice. If you’re capturing card information and having inconsistent success with your match, watch out for unwanted spaces. It may be impossible to encrypt these values using voice and get the results you want.