All Products
Search
Document Center

:Configure data masking templates and algorithms

Last Updated:Jun 21, 2026

Data Security Center (DSC) lets you configure data masking templates and data masking algorithms. You can group frequently used data masking algorithms into a data masking template. You can then use this template to efficiently configure static data masking rules.

Background information

DSC supports hashing, redaction, substitution, rounding, encryption, decryption, and shuffling. For more information, see Supported data masking algorithms.

Data masking templates

Create a data masking template

  1. Log on to the Data Security Center console.

  2. In the navigation pane on the left, select Risk Governance > Configuration Risks.

  3. On the Data Desensitization page, click the Masking Configurations tab.

  4. On the Desensitization Template tab, click Create Template.

  5. In the Create Template panel, configure the parameters and click OK.

    Parameter

    Description

    Template name

    The name of the data masking template.

    Template description

    The description of the data masking template. You can enter key information, such as the use cases for the template.

    Matching mode

    The matching method for sensitive data. Valid values:

    • Sensitive type: Select a sensitive data type that DSC supports and configure a corresponding data masking algorithm. Examples include Vehicle Identification Number and Unified Social Credit Code.

    • Field name: Specify the field name to mask and configure a data masking algorithm.

    Rule list

    In the rule list, select a sensitive type or enter a field name to mask, and then set the data masking algorithm.

    If you set Matching mode to Sensitive type, you can select fields from the Data Feature column on the Data Discovery identification features page. These fields include built-in and custom identification feature fields.

    Click Increase algorithm to add more rules to the template.

Edit or delete a data masking template

On the Desensitization Template tab, edit or delete templates as needed.

  • Edit a template

    To update a template's description or rules, find the template, click Edit in the Actions column, and then make your changes in the Edit panel.

  • Delete a template

    Important

    A deleted template cannot be restored. Proceed with caution.

    If a template is no longer needed, find it and click Delete in the Actions column.

Data masking algorithms

  1. Log on to the Data Security Center console.

  2. In the navigation pane on the left, select Risk Governance > Configuration Risks.

  3. On the Data Desensitization page, click the Masking Configurations tab.

  4. On the Masking Configurations tab, click the Data Masking Algorithm tab.

  5. Click the tab for an algorithm type to configure the data masking algorithm.

    For example, on the hashing tab, the console provides MD5, SHA1, SHA256, and HMAC algorithms. Enter a salt for the desired algorithm and click Submit.

  6. Click Test next to a data masking algorithm to verify its output in the Test panel.

    This feature is not available for all data masking algorithm types. The console shows the Test option only for supported algorithms.

  7. Click Submit next to the data masking algorithm.

Related documents

After configuring a data masking algorithm, go to the Data Desensitization > Static Desensitization tab to create or modify its configuration within a static data masking task. For more information, see static data masking.