PII Detection
Rivano scans every request and response body for personally identifiable information (PII) before it reaches the LLM provider or your application. Detection runs in the data plane — no PII ever reaches the control plane or dashboard in plaintext.
Entity types
Rivano detects six entity types out of the box:
| Entity | Example | Pattern type |
|---|---|---|
| SSN | 123-45-6789 | Regex + checksum |
| Email | [email protected] | RFC-compliant regex |
| Phone | +1 (555) 123-4567 | E.164 + regional formats |
| Credit card | 4111 1111 1111 1111 | Luhn algorithm |
| Name | John Smith | NLP entity model |
| Address | 123 Main St, Springfield, IL | Pattern + gazetteer |
Detection is applied to the full content of each message in the messages array, including system prompts and tool call arguments.
Redaction strategies
When a policy fires with action redact, Rivano applies one of four strategies to the matched value:
| Strategy | Behavior | Example output |
|---|---|---|
| mask | Replace with a fixed placeholder | [REDACTED] |
| partial | Keep first/last chars, replace middle | j***@example.com |
| tokenize | Replace with a reversible token | PII_EMAIL_a1b2c3 |
| drop | Remove the containing message | Message omitted |
The tokenize strategy stores the mapping in memory for the duration of the request, allowing the response to be de-tokenized before returning to your application (if configured). Tokens are not persisted.
Streaming support
PII detection works on streaming responses. Rivano buffers a 200-character sliding window over the stream and scans each window as it advances. Matched entities are redacted before the chunk is forwarded to the caller.
There is a brief buffering delay (typically under 5ms) for streaming responses. This is the minimum required to span entity boundaries across chunks.
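The sketch below is an added example, not Rivano's code: it shows why a held-back window is needed for streaming, using only the credit card entity (candidate regex plus Luhn check) and the mask strategy. The regex and all function names are assumptions made for illustration; the 200-character window and the `[REDACTED]` placeholder are the values given on this page.

```javascript
// Added illustration; names and the candidate regex are assumptions, not Rivano's code.
const WINDOW = 200; // window size stated on the page
// Assumed candidate pattern: 13-19 digits, optionally separated by a space or hyphen.
const CARD_RE = /\b\d(?:[ -]?\d){12,18}\b/g;

// Luhn checksum: from the right, double every second digit, sum, test mod 10.
function luhnValid(candidate) {
  const digits = candidate.replace(/\D/g, '');
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) d = d * 2 > 9 ? d * 2 - 9 : d * 2;
    sum += d;
  }
  return sum % 10 === 0;
}

// Mask Luhn-valid candidates; unless `final`, skip one touching the end (it may still grow).
function maskCards(text, final) {
  return text.replace(CARD_RE, (m, offset, whole) => {
    if (!final && offset + m.length === whole.length) return m;
    return luhnValid(m) ? '[REDACTED]' : m;
  });
}

// Holds back the last `windowSize` characters so an entity split across chunks is scanned
// whole before any of it is forwarded. Must be >= the longest entity (37 chars for CARD_RE).
function createStreamRedactor(windowSize = WINDOW) {
  let buffer = '';
  return {
    push(chunk) {
      buffer = maskCards(buffer + chunk, false);
      const cut = Math.max(0, buffer.length - windowSize);
      const out = buffer.slice(0, cut);
      buffer = buffer.slice(cut);
      return out; // already scanned with full context on both sides
    },
    flush() {
      const out = maskCards(buffer, true);
      buffer = '';
      return out;
    },
  };
}

function redactStream(chunks, windowSize = WINDOW) {
  const r = createStreamRedactor(windowSize);
  return chunks.map((c) => r.push(c)).join('') + r.flush();
}
```

Scanning each chunk on its own misses a number split across two chunks, while the buffered redactor catches it; a candidate that fails the Luhn check is forwarded unchanged.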
Configuration via policies
Enable PII detection by creating a policy with a pii_detected condition:
```yaml
# rivano.yaml
policies:
  - name: block-pii-in-requests
    phase: request
    condition:
      type: pii_detected
      entities: [ssn, credit_card]
    action: block
  - name: redact-pii-in-responses
    phase: response
    condition:
      type: pii_detected
      entities: [email, phone, name, address]
    action: redact
    redaction_strategy: mask
```
You can also create policies via the SDK:
```typescript
import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: process.env.RIVANO_API_KEY! });

// Block requests containing SSN or credit card numbers
await rivano.policies.create({
  name: 'block-pii-in-requests',
  phase: 'request',
  condition: {
    type: 'pii_detected',
    entities: ['ssn', 'credit_card'],
  },
  action: 'block',
  enabled: true,
});

// Redact names and emails from responses
await rivano.policies.create({
  name: 'redact-pii-in-responses',
  phase: 'response',
  condition: {
    type: 'pii_detected',
    entities: ['email', 'name'],
  },
  action: 'redact',
  redactionStrategy: 'mask',
  enabled: true,
});
```

Viewing PII events
The Security → PII Detection page in the dashboard shows a summary of detected entity types across all traces in the selected time range. Clicking an entity type shows the traces where it appeared.
The trace detail panel shows which messages triggered PII detection and what action was taken. The original content is never stored or displayed.
PII detection operates on content patterns. It does not guarantee 100% recall. For regulated data (HIPAA, GDPR), supplement Rivano’s detection with data classification at the application layer.
Related
- Policies — Full policy syntax reference
- Injection Detection — Prompt injection scoring
- Audit Logging — PII events in the audit trail
- Security Overview — Defense-in-depth pipeline