PII Detection Reference

RADAR detects 40 PII patterns across 6 categories with auto-discovery at runtime. Detection combines regex matching and format validation. Each detection produces a finding with a type tag and context.

Detection model

Each detection produces a finding with a confidence score (0.0–1.0) based on pattern match quality, context analysis, and cross-validation. Teams set per-category thresholds. Findings below threshold are informational; above threshold generate actionable alerts.

PII categories

RADAR's scanner auto-discovers patterns at runtime from the pii/patterns/ directory. Currently 40 patterns across 6 categories:

  • Name
    Base (10 patterns)
    Description

    SSN, email addresses, credit cards, phone numbers, IP addresses, dates of birth, passports, driver licenses, API keys, AWS access keys.

  • Name
    Financial (10 patterns)
    Description

    IBAN, BIC/SWIFT, CUSIP, ISIN, LEI, SEDOL, Bitcoin addresses, Ethereum addresses, CVV.

  • Name
    Healthcare (3 patterns)
    Description

    Medical record numbers (MRN), ICD-10 diagnosis codes, European Health Insurance Card (EHIC).

  • Name
    Extended EU (10 patterns)
    Description

    PESEL (Poland), BSN (Netherlands), CPR (Denmark), Spanish DNI/NIE, Codice Fiscale (Italy), Belgian NRN, Swedish Personnummer, Portuguese NIF, EU VAT numbers.

  • Name
    Legal (3 patterns)
    Description

    Bar numbers, case docket numbers, DUNS identifiers.

  • Name
    Biometric (4 patterns)
    Description

    IMEI, biometric template IDs, genetic RS IDs, HLA alleles.

Configuration

The PII scanner is auto-discovery based — any .py file placed in the pii/patterns/ directory is loaded at runtime. No configuration required to add new patterns.

Was this page helpful?