question

AliPourEbrahim-4236 avatar image
0 Votes"
AliPourEbrahim-4236 asked AliPourEbrahim-4236 commented

Credit card DLP Senstive Info type is not working

Hi Guys
Hope you can help.
I've created a word document that contains the following sensitive info:

Can you order me a new laptop. Use my VISA number 1111-1111-1111-1111, expiry 11/22, and send me the estimated delivery date when you have it.

When I tested this document using test option the M365 Compliance portal, the test cannot match to the rule :


42207-image.png



Has anyone got the same issue with the Credit card detection?

office-exchange-server-mailflow
image.png (17.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

AndyDavid avatar image
0 Votes"
AndyDavid answered AliPourEbrahim-4236 commented

Are you testing with a real CC number? or ones that appear to be real?
It doesn't just fire on a random number with the right pattern, it depends on an algorithm as well as "corroborative evidence ".

https://docs.microsoft.com/en-us/exchange/security-and-compliance/data-loss-prevention/dlp-rule-application


You can also search the internet for fake CC numbers to evaluate the rule.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.