Credit card DLP Senstive Info type is not working

Ali Pour Ebrahim 41 Reputation points
2020-11-24T13:05:45.74+00:00

Hi Guys
Hope you can help.
I've created a word document that contains the following sensitive info:

Can you order me a new laptop. Use my VISA number 1111-1111-1111-1111, expiry 11/22, and send me the estimated delivery date when you have it.

When I tested this document using test option the M365 Compliance portal, the test cannot match to the rule :

42207-image.png

Has anyone got the same issue with the Credit card detection?

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,339 questions
0 comments No comments
{count} votes

Accepted answer
  1. Andy David - MVP 141.2K Reputation points MVP
    2020-11-24T13:16:43.087+00:00

    Are you testing with a real CC number? or ones that appear to be real?
    It doesn't just fire on a random number with the right pattern, it depends on an algorithm as well as "corroborative evidence ".

    https://learn.microsoft.com/en-us/exchange/security-and-compliance/data-loss-prevention/dlp-rule-application

    You can also search the internet for fake CC numbers to evaluate the rule.


0 additional answers

Sort by: Most helpful