Updates · 4 min read

Ensuring data privacy is easier than ever with Detections in Fullstory

For many digital businesses, ensuring customer privacy can feel like a shot in the dark. With thousands of visitors, complicated web architecture, and ever-changing regulations, it can be hard to keep up with the sensitive information that may be hidden on your site. 

At Fullstory, we are dedicated to helping you protect your customers' privacy. That's why we've added a new feature to Fullstory's privacy capabilities to illuminate the places sensitive Personally Identifiable Information (PII) may exist on your site.

Detections, coupled with Private by Default and other powerful privacy features, makes Fullstory the most privacy-forward DXI platform.

In addition to offering customers a solution to prevent sensitive data capture, Fullstory now also offers customers the ability to detect when, where, and what type of sensitive PII might appear unblocked on your site and quickly remediate issues with Detections. 

Read on to learn more about the benefits of Detections in Fullstory. 


How Detections gives you greater peace of mind

Gain more oversight and visibility into your app

Detections makes the unknown known by monitoring your digital environment and uncovering the places sensitive user data may be buried. Detections ensures there's no PII hiding in your site's nooks and crannies.

Instead of: Being unaware of sensitive information being collected on your site

Websites today are built on an ecosystem of third-party software that can change without notice, and leak data unknowingly. Additionally, browser extensions can mix your site's content with content from third parties, exposing you to sensitive data in unexpected places.

Proactively and efficiently prioritize privacy 

Detections automatically monitors your site for select categories of sensitive data, such as credit card numbers and passwords, and automatically identifies and categorizes PII, so your teams can take action quickly. Detections locates issues in real-time, minimizing any impact.

Instead of: Relying on incomplete, reactive, expensive, and time-consuming site audits

Auditing your site could take weeks and, even then, any completed audit is immediately outdated because sites are dynamic and always changing. Site audits are also labor- and time-intensive, employing consulting companies or requiring engineers to shift focus from product to detective work. 

Make optimized privacy decisions 

Knowing when, where, and what type of data is collected on your site empowers you to go forward confidently knowing your team has the right visibility and context with Detections to make informed decisions that preserve user privacy

Instead of: Making uninformed decisions that rely on guesswork and leave you constantly worried your data isn’t compliant 

It can be difficult to gather of all the information you need to make an informed decision about PII and privacy—when you need to take action immediately. These gaps can put you and your company's and your customers' privacy at risk.

How Detections works

Detections can be thought of as two pieces:

1. Constant monitoring and categorization: Analytics run across the perimeter of your website and digital properties to proactively identify and categorize sensitive PII. 

2. Triage and remediation: A centralized inbox in Fullstory that aggregates Detection events in a table and provides methods of triaging and remediation.

Triaging and remediating a detection event

The first step in triaging a Detection event is determining if the sensitive data identified is a true positive. Fullstory makes this easy for you, by aggregating Detections events in a table with additional details available, including Sessions. Clicking into any of these sessions will bring you to the playback page and will highlight the specific Detection event. 

If the Detection event is a false positive, (like when the detected sensitive data is not truly sensitive), you can create an "ignore rule" directly from that event. An ignore rule specifies that a particular data source, such as a specific DOM element, is known to not contain sensitive information. Data sources matching ignore rules will not appear in the Detections inbox, allowing you to focus on the events that matter.

For true positives, you can easily delete the data and block it from future capture. 


Teams using Fullstory are uniquely empowered to precisely control their digital experience data, tailor privacy for their needs, understand privacy best practices, ensure and preserve user privacy, and continuously improve their privacy controls. 

Detections is now available to a subset of customers, and will be available to all customers in early 2023. Learn more about getting started with Detections in Fullstory here.

author

The Fullstory Team

Expert Group of Contributors

Our team of data and user experience experts shares tips and best practices. We are committed to introducing our audience to important topics surrounding analytics, behavioral data, user experience, product development, culture, engineering and more.