PII Mask Generator

Paste text containing personal data — emails, SSNs, credit cards, phone numbers, IP addresses, and more — get it masked instantly. Every byte stays in your browser.

Zero upload guarantee — All detection and masking happens in your browser. No data is ever sent to any server.

Frequently Asked Questions

No. All PII detection and masking happens entirely in your browser using JavaScript. Your text never leaves your device. There are no API calls, no server-side processing, and no data storage of any kind. This is the core design principle — the tool is built specifically for sensitive data you can't afford to send to a third-party server.
The tool auto-detects: email addresses, US phone numbers (multiple formats), Social Security Numbers (SSNs), credit card numbers (Visa, Mastercard, Amex, Discover — with Luhn validation), IPv4 addresses, dates of birth (common formats), common name patterns, and US street addresses. You can also add custom regex patterns for domain-specific PII.
Five styles: Full Mask → *** | Partial Mask → j***@***.com | [REDACTED] → literal replacement | Hash → deterministic short hex [a3f9b2] | Custom Character → replace every char with your chosen character (e.g. X → XXXXXXXX).
High — strict, unambiguous pattern (e.g. Luhn-validated credit card, properly formatted SSN with valid range). Medium — likely PII but possible false positives (e.g. phone numbers). Low — heuristic match (e.g. name patterns). Use the Min. Confidence filter to mask only high-confidence matches if you want fewer false positives.
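The checks behind the High and Medium levels above (Luhn for cards, range rules for SSNs, a looser phone pattern) together with four of the masking styles, as an added JavaScript example that is not the tool's own code. The regexes, the function names and the FNV-1a token standing in for the Hash style are assumptions.

```javascript
// Added example: names, regexes and the FNV-1a token are assumptions, not the tool's own code.
const RANK = { low: 1, medium: 2, high: 3 };
// Luhn: counting from the right, double every second digit (subtract 9 if > 9); sum % 10 must be 0.
function luhnValid(digits) {
  const sum = [...digits].reverse().reduce((acc, c, i) => {
    const d = Number(c) * (i % 2 ? 2 : 1);
    return acc + (d > 9 ? d - 9 : d);
  }, 0);
  return sum % 10 === 0;
}
// Area 000, 666, 900-999, group 00 and serial 0000 are never valid in an SSN.
const ssnValid = s => !/^(000|666|9\d\d)-|-00-|-0000$/.test(s);

const DETECTORS = [
  { type: "card", confidence: "high", re: /\b\d(?:[ -]?\d){12,18}\b/g, ok: m => luhnValid(m.replace(/\D/g, "")) },
  { type: "ssn", confidence: "high", re: /\b\d{3}-\d{2}-\d{4}\b/g, ok: ssnValid },
  { type: "phone", confidence: "medium", re: /\(?\b\d{3}\)?[ .-]\d{3}[ .-]\d{4}\b/g, ok: () => true },
];

// Deterministic 6-hex-digit token (32-bit FNV-1a over code points); not a cryptographic hash.
function shortHash(value) {
  let h = 0x811c9dc5;
  for (const ch of value) h = Math.imul(h ^ ch.codePointAt(0), 0x01000193) >>> 0;
  return h.toString(16).padStart(8, "0").slice(0, 6);
}
const STYLES = {
  full: () => "***",
  redacted: () => "[REDACTED]",
  hash: v => `[${shortHash(v)}]`,
  custom: (v, ch = "X") => ch.repeat(v.length),
};

// Matches at or above minConfidence, sorted by position; overlapping or failed-validation hits are dropped.
function detect(text, minConfidence = "low") {
  const found = [];
  for (const d of DETECTORS) {
    if (RANK[d.confidence] < RANK[minConfidence]) continue;
    for (const m of text.matchAll(d.re)) {
      const f = { type: d.type, confidence: d.confidence, value: m[0], start: m.index, end: m.index + m[0].length };
      if (d.ok(f.value) && !found.some(g => f.start < g.end && f.end > g.start)) found.push(f);
    }
  }
  return found.sort((a, b) => a.start - b.start);
}

// Replace from the last match backwards so earlier offsets stay valid.
function maskText(text, style = "redacted", minConfidence = "low") {
  return detect(text, minConfidence).reduceRight(
    (out, f) => out.slice(0, f.start) + STYLES[style](f.value) + out.slice(f.end), text);
}
```

A short unkeyed token like this one can be reversed for a nine-digit SSN by enumerating the input space, so it gives consistent pseudonyms rather than anonymization.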
Yes. Use the "Add Pattern" button in the sidebar to define a custom regex with a label and masking style. This is useful for employee IDs, patient MRNs, policy numbers, or any structured PII specific to your domain.
This tool helps redact personal data from text, supporting GDPR and HIPAA data minimization practices. Because it is 100% client-side with no data transmission or storage, using it does not itself create a compliance obligation. Always consult your legal and compliance team for your specific use case.