PII Detection & Redaction
AxonFlow provides built-in detection and redaction of Personally Identifiable Information (PII) in LLM interactions. The system uses a hybrid approach combining fast regex-based pattern matching with intelligent validation to minimize false positives while maintaining sub-millisecond latency.
Detection vs Policy
Detection identifies what happened. Policies determine what action to take.
For example, PII detection can be enabled while policies are configured to log-only during development, and later switched to block or require_approval in production — without changing application code.
This separation allows AxonFlow to support experimentation, audits, and enforcement within the same architecture.
Supported PII Types
Global PII Types
| Type | Severity | Example | Validation |
|---|---|---|---|
| SSN | Critical | 123-45-6789 | Area/group/serial rules |
| Credit Card | Critical | 4532-0151-1283-0366 | Luhn algorithm |
| Email | Medium | [email protected] | RFC 5322 format |
| Phone | Medium | (555) 123-4567 | Format + context |
| IP Address | Medium | 192.168.1.100 | IPv4 validation |
| IBAN | Critical | DE89370400440532013000 | MOD 97 checksum |
| Passport | High | AB1234567 | Format + context |
| Date of Birth | High | 01/15/1990 | Context-dependent |
| Bank Account | Critical | 021000021-123456789 | ABA routing checksum |
India PII Types
| Type | Severity | Example | Validation |
|---|---|---|---|
| India PAN | Critical | ABCDE1234F | 10-char format with entity type |
| India Aadhaar | Critical | 2345 6789 0123 | 12-digit with Verhoeff checksum |
Singapore PII Types (MAS FEAT)
Singapore PII detection is now available in AxonFlow Community Edition. See MAS FEAT Compliance.
| Type | Severity | Example | Validation |
|---|---|---|---|
| NRIC | Critical | S1234567D | 9-char with prefix S/T/M |
| FIN | Critical | F1234567N | 9-char with prefix F/G |
| UEN | High | 200312345A | 8-10 digit business registration |
| SG Phone | Medium | +65 9123 4567 | +65 format, 8-digit |
| SG Postal | Low | 238877 | 6-digit Singapore postal |
NRIC Prefixes:
- S - Citizen born before 2000
- T - Citizen born 2000+
- M - Foreigner from 2022+
- F - Foreigner before 2000
- G - Foreigner 2000-2021
How It Works
Two-Layer Detection
- Agent Layer (Static Engine): Fast regex-based detection (<1ms) that flags potential PII for downstream processing
- Orchestrator Layer (Enhanced Detector): Deep validation with Luhn, MOD 97, and context-aware confidence scoring
False Positive Prevention
The enhanced detector uses context analysis to reduce false positives:
```text
Input: "Order number: 123-45-6789"
→ Context contains "order" → Low confidence (not flagged as SSN)

Input: "Customer SSN: 123-45-6789"
→ Context contains "SSN" → High confidence (flagged as SSN)
```
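The two layers described above, written out as an added example (not AxonFlow's own code): a regex pass produces candidates, then a checksum (Luhn for cards, MOD 97 for IBANs, area/group/serial rules for SSNs) or the words preceding the match decide the confidence. The regexes, the context word lists and the confidence values are my assumptions.

```python
import re
# Layer 1 (static engine): fast regex candidates. These patterns are my assumptions.
PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "credit_card": re.compile(r"\b\d{4}-\d{4}-\d{4}-\d{4}\b"),
    "iban": re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"),
}
# Constructed context words that move SSN confidence up or down
SSN_POSITIVE = ("ssn", "social security")
SSN_NEGATIVE = ("order", "invoice", "ticket")

def luhn_valid(number: str) -> bool:
    # Layer 2 check for card numbers: Luhn mod-10, doubling every 2nd digit from the right
    total = 0
    for i, d in enumerate(int(c) for c in reversed(number) if c.isdigit()):
        if i % 2:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def iban_valid(iban: str) -> bool:
    # Layer 2 check for IBANs: ISO 7064 MOD 97-10, the remainder must be 1
    rearranged = iban[4:] + iban[:4]  # country code and check digits move to the end
    numeric = "".join(str(int(c, 36)) for c in rearranged)  # letters A..Z become 10..35
    return int(numeric) % 97 == 1

def ssn_plausible(ssn: str) -> bool:
    # Area/group/serial rules: area not 000, 666 or 9xx; group not 00; serial not 0000
    area, group, serial = ssn.split("-")
    return area not in ("000", "666") and area[0] != "9" and group != "00" and serial != "0000"

def detect(text: str) -> list[tuple[str, str, float]]:
    # Returns (type, value, confidence): a checksum decides where one exists, otherwise
    # the words preceding the match do, as in the SSN examples above
    findings, lowered = [], text.lower()
    for kind, pattern in PATTERNS.items():
        for m in pattern.finditer(text):
            value = m.group(0)
            if kind == "credit_card":
                confidence = 0.95 if luhn_valid(value) else 0.2
            elif kind == "iban":
                confidence = 0.95 if iban_valid(value) else 0.2
            elif not ssn_plausible(value):
                confidence = 0.1
            else:  # look at the 40 characters before the match for context words
                window = lowered[max(0, m.start() - 40):m.start()]
                confidence = (0.9 if any(w in window for w in SSN_POSITIVE)
                              else 0.1 if any(w in window for w in SSN_NEGATIVE) else 0.5)
            findings.append((kind, value, confidence))
    return findings
```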
Configuration
Environment Variable Configuration
Configure PII detection behavior using environment variables:
| Variable | Values | Default | Description |
|---|---|---|---|
| PII_ACTION | block, warn, redact, log | redact | Action when PII is detected |
Actions:
- `block` - Reject request immediately
- `warn` - Log warning, allow request through
- `redact` - Mask/redact detected PII, allow request (default)
- `log` - Log for audit only, allow unmodified
```bash
# Default: PII is redacted (masked) but request continues
docker compose up -d

# Block requests containing PII
PII_ACTION=block docker compose up -d

# Warn only - log but don't modify or block
PII_ACTION=warn docker compose up -d
```
PII detection now defaults to `redact` instead of `block`. This preserves user experience while ensuring PII is masked. To restore strict blocking, set `PII_ACTION=block`.
Gateway Mode
PII detection is automatically enabled in Gateway Mode's pre-check and audit endpoints:
```bash
# Pre-check detects PII in prompts
curl -X POST https://api.example.com/api/policy/pre-check \
  -H "Content-Type: application/json" \
  -H "X-Client-Secret: your-secret" \
  -d '{
    "prompt": "Customer SSN: 123-45-6789",
    "context": {}
  }'
```
Response includes PII warnings:
```json
{
  "approved": true,
  "policies": ["ssn_detection"],
  "context_id": "ctx_abc123"
}
```
SDK Usage
See complete working examples in the AxonFlow examples repository.
Python
```python
import asyncio

from axonflow import AxonFlow


async def main() -> None:
    async with AxonFlow(
        endpoint="http://localhost:8080",
        client_id="your-client-id",
        client_secret="your-secret",
    ) as client:
        result = await client.get_policy_approved_context(
            user_token="user-123",
            query="Process refund for SSN 123-45-6789",
        )
        if not result.approved:
            print(f"Blocked: {result.block_reason}")
        elif result.policies:
            print(f"Policies triggered: {result.policies}")


asyncio.run(main())
```
TypeScript
```typescript
import { AxonFlow } from '@axonflow/sdk';

const axonflow = new AxonFlow({
  endpoint: 'http://localhost:8080',
  tenant: 'your-tenant',
});

const result = await axonflow.getPolicyApprovedContext({
  userToken: 'user-123',
  query: 'Process refund for SSN 123-45-6789',
});

if (!result.approved) {
  console.log(`Blocked: ${result.blockReason}`);
}
```
Go
```go
import (
	"log"

	"github.com/getaxonflow/axonflow-sdk-go"
)

client := axonflow.NewClient(axonflow.AxonFlowConfig{
	Endpoint: "http://localhost:8080",
})

result, err := client.GetPolicyApprovedContext(
	"user-123",
	"Process refund for SSN 123-45-6789",
	nil, nil,
)
if err != nil {
	log.Fatalf("policy check failed: %v", err)
}
if !result.Approved {
	log.Printf("Blocked: %s", result.BlockReason)
}
```
Java
```java
import com.getaxonflow.sdk.AxonFlow;
import com.getaxonflow.sdk.AxonFlowConfig;
import com.getaxonflow.sdk.types.*;

AxonFlow client = AxonFlow.create(AxonFlowConfig.builder()
    .endpoint("http://localhost:8080")
    .build());

PolicyApprovalResult result = client.getPolicyApprovedContext(
    PolicyApprovalRequest.builder()
        .query("Process refund for SSN 123-45-6789")
        .userToken("user-123")
        .build()
);

if (!result.isApproved()) {
    System.out.println("Blocked: " + result.getBlockReason());
}
```
Redaction Strategies
When PII is detected, AxonFlow applies redaction based on user permissions:
| Strategy | PII Types | Result |
|---|---|---|
| Masking | SSN, Credit Card, Phone | XXX-XX-6789, ****-****-****-0366 |
| Hashing | | [HASHED_16] |
| Full Redaction | Unknown types | [REDACTED] |
Permission-Based Access
| Permission | Visible PII Types |
|---|---|
| view_full_pii | All PII types |
| view_basic_pii | Email, Phone only |
| view_financial | Credit Card, Bank Account |
| Admin role | All (wildcard) |
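How the two tables above combine, as an added example that is not AxonFlow's code: a finding is shown in clear only if one of the caller's permissions covers its type (or carries the admin wildcard); otherwise the strategy for that type applies. The strategy map, the `admin` permission name and the hash format (the table only shows a `[HASHED_16]` token) are my assumptions.

```python
import hashlib

# Strategy per PII type, following the Redaction Strategies table; which types are hashed
# is not stated there, so hashing "email" is my assumption
STRATEGY = {"ssn": "mask", "credit_card": "mask", "phone": "mask", "email": "hash"}
# Permission -> PII types shown in clear, from the Permission-Based Access table ("*" = wildcard)
PERMISSIONS = {
    "view_full_pii": {"*"},
    "view_basic_pii": {"email", "phone"},
    "view_financial": {"credit_card", "bank_account"},
    "admin": {"*"},  # the table's "Admin role"; the permission name is assumed
}

def mask(kind: str, value: str, keep: int = 4) -> str:
    # Masking: hide every digit except the last `keep`, leave separators in place
    char = "X" if kind == "ssn" else "*"
    to_hide = sum(c.isdigit() for c in value) - keep
    out = []
    for c in value:
        hide = c.isdigit() and to_hide > 0
        to_hide -= hide
        out.append(char if hide else c)
    return "".join(out)

def hash_value(value: str) -> str:
    # Hashing: the table shows a [HASHED_16] token; a 16-hex-char SHA-256 prefix is my reading of it
    return "[HASHED_" + hashlib.sha256(value.encode()).hexdigest()[:16] + "]"

def redact_for(findings: list[tuple[str, str]], permissions: list[str]) -> list[str]:
    # Render each (type, value) finding as the caller is allowed to see it
    visible = set().union(*(PERMISSIONS.get(p, set()) for p in permissions))
    shown = []
    for kind, value in findings:
        if "*" in visible or kind in visible:
            shown.append(value)
        elif STRATEGY.get(kind) == "mask":
            shown.append(mask(kind, value))
        elif STRATEGY.get(kind) == "hash":
            shown.append(hash_value(value))
        else:
            shown.append("[REDACTED]")  # Full Redaction for types with no strategy
    return shown
```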
Performance
| Operation | Latency | Notes |
|---|---|---|
| Single type detection | ~1μs | Type-specific check |
| Full detection (no PII) | ~17μs | All patterns |
| Full detection (with PII) | ~25μs | With validation |
| Long text (10KB) | ~1.4ms | Comprehensive scan |
Compliance
AxonFlow's PII detection helps with compliance requirements:
| Regulation | Supported PII Types |
|---|---|
| PCI-DSS | Credit card numbers, bank accounts |
| HIPAA | SSN, DOB, medical identifiers |
| GDPR | Email, phone, address, IP |
| CCPA | SSN, driver's license |
Best Practices
- Enable validation for financial data (credit cards, bank accounts)
- Use context to reduce false positives
- Set appropriate permissions based on user roles
- Log PII detection events for audit trails
- Test with realistic data to tune confidence thresholds