🆕Mask Field

Overview

To enhance data security, protect user privacy, and ensure compliance with regulations such as GDPR, HIPAA, and PCI-DSS, MangoApps Trackers support masking of sensitive information. This feature allows you to obscure sensitive data stored in specific columns, making it unreadable to unauthorized viewers.


What is Masking?

Masking hides sensitive values in tracker columns by displaying them as ******** (eight asterisks), preventing users from viewing or guessing the actual content.


Supported Column Types

Masking is optional and can be enabled at the time of column creation. Once set, it cannot be changed later.

Masking can be enabled for the following column types:

  • Amount

  • Number

  • Text


Mask Property: Key Rules

Masking is permanent, once a column is created with masking enabled, this setting cannot be turned on or off later.

After masking is enabled, the type of a column selected cannot be changed.

Masked columns cannot be used in or selected as:

  • Filters

  • Sorting

  • Grouping

  • Workflow conditions

Masked values will not appear in:

  • Emails

  • News feeds

  • Messages

  • Push notifications


Form Behavior for Masked Fields

When filling out a form, the submitter can view the actual value in a masked field before submission.

Once submitted the value becomes permanently hidden.

After submission, this value is not viewable by anyone, including the submitter and network admins

The field can conditionally be shown or hidden using the form rule builder (but not the value).


Use Cases for Value Masking

Use Case
Masked Field
Purpose

Healthcare

(HIPAA Compliance)

Patient Records

Social Security Number, Insurance Policy Number, Medical Record ID

Protects patient identifiers and ensures only authorized users can access this information, maintaining HIPAA compliance.

Human Resources

(GDPR Compliance)

Employee Salary Tracker

Salary Amount, Bank Account Number, National ID

Prevents sensitive compensation or personal data from being accessed or shared unintentionally, supporting GDPR requirements.

Finance & Accounting

(PCI-DSS Compliance)

Reimbursement Requests or Vendor Payments

Credit Card Number, Tax ID, Bank Details

Secures payment information and helps comply with PCI-DSS regulations by masking sensitive financial fields.

E-commerce Operations

Refund or Chargeback Requests

Transaction ID, Card Digits, Customer Bank Info

Ensures customer financial data is protected during the review and processing of payment-related issues.

Case File Tracker

Client Confidential ID, Settlement Amounts

Maintains confidentiality of legal case information while allowing for structured data management.

Procurement

Vendor Onboarding Tracker

Tax Numbers, Contract Amounts, Bank Details

Protects sensitive vendor information from unauthorized access while enabling collaboration across departments.

IT & Security Teams

Internal Access Log Reviews

IP Address, Device Identifiers, Session Tokens

Prevents misuse of security log data while still enabling teams to audit and track system activity effectively.


Low-Code Tracker App Support

In low-code Tracker apps and widgets, developers can use a special %{decrypt} function within custom HTML/CSS to reveal masked values. However, this should only be used by users who are authorized to view those records.

Click here to view an example of this function.

Last updated