At ASAPP, privacy is an integral part of our platform, ensuring that sensitive information is protected at every stage of data processing. Redaction plays a critical role in this privacy-by-design approach, systematically removing or masking personally identifiable information (PII), payment card information (PCI) and other custom data elements considered sensitive by our customers before data is stored, processed, or shared.

By embedding real-time, configurable, and AI-powered redaction into our AI-driven solutions, ASAPP safeguards our customers, their customers, and our own infrastructure from unnecessary data exposure in alignment with global regulations like CCPA, GDPR, and PCI-DSS.

Download the PDF version of this blog post

ASAPP’s redaction architecture

Our redaction solution is a high-performance, scalable system that operates across multiple data processing pipelines. It functions as an HTTP-based service, providing secure API end points that downstream services call to redact PII from text and voice data.

Key components of the redaction system

Our multi-layered redaction model ensures a balance between accuracy, efficiency, and flexibility:

1. Edge service

• Acts as the primary entry point for all redaction requests.
• Handles I/O operations, authentication, and request routing to upstream redaction inference services.

2. Inference service

• Processes data using a combination of AI-based and deterministic redaction techniques:
  • Pattern-based redaction (regex & rule-based matching) – Effective for structured data like credit card numbers and SSNs.
  • Keyword-aware redaction – Uses keyword detection to enhance rule-based redaction accuracy.
  • Stochastic AI-driven redaction – Leverages ASAPP-trained models to detect and mask unstructured PII (e.g., names, locations) in free-text conversations.

3. Redaction configuration service

• Stores customer-specific redaction rules, allowing clients to configure and fine-tune redaction logic for their unique needs.
• Supports real-time rule updates for dynamic adaptation to evolving privacy requirements.

4. Cryptographic secrets manager

• Securely manages authentication tokens for redaction endpoints, ensuring only authorized services can request redaction.

Redaction Service Flow Overview

To provide a clear understanding of how ASAPP’s redaction system functions within our platform, the following flowchart illustrates the high-level architecture and interactions between key components:

The flowchart visually represents how incoming data flows through ASAPP’s redaction pipeline, highlighting the role of each component in ensuring that sensitive information is identified and redacted before reaching downstream services. This structured approach ensures high accuracy, efficiency, and compliance with privacy regulations.

How ASAPP redaction works in practice

ASAPP’s redaction system automatically detects and removes sensitive information from real-time conversations and stored transcripts, ensuring privacy compliance without disrupting workflows.

‍

How ASAPP’s redaction service processes this data

1. Tokenization & data ingestion

• The incoming message is split into tokens, allowing the system to analyze individual words and patterns.

2. Pattern-based detection (Regex & Static Rules)

• The system matches known formats (e.g., 16-digit credit card numbers, 9-digit SSNs).

3. Context-aware redaction

• If the phrase "credit card number" is detected before a sequence of digits, the system increases sensitivity, ensuring all related data is redacted.

4. AI-powered redaction

• The ASAPP-trained model detects “John Doe” as a name and “1234 Elm Street” as an address, even though these don’t follow a strict pattern.

5. Final redacted output returned

• The redacted message is sent back to the ASAPP platform for secure processing and use in downstream AI services.

Real-time & post-processing redaction

ASAPP’s system can ensure privacy compliance at multiple points in the data lifecycle:

• Live redaction – Redacts PII in real-time during live customer interactions
• Voice redaction – Applies the same redaction logic to speech-to-text transcripts from AutoTranscribe

Customizable redaction for every business

Unlike rigid one-size-fits-all privacy solutions, ASAPP’s redaction system can be configured per customer or use case.

Dynamic redaction rules

• Each ASAPP customer can define custom regex patterns and AI model preferences.‍
• Configuration settings are stored and allow for real-time adjustments.
• Customers can choose to redact additional data types based on industry-specific compliance needs.

A seamless privacy layer across ASAPP services

Redaction is embedded into all ASAPP AI-powered solutions, ensuring:

• AutoSummary, AutoCompose, and ASAPP Messaging platform processes only privacy-compliant chat data.
• AutoTranscribe redacts speech-to-text transcripts before they are stored or shared.
• GenerativeAgent securely generates AI responses without exposing sensitive customer information.

Continuous evolution of ASAPP’s redaction system

Privacy risks evolve, and ASAPP continuously enhances its redaction capabilities to stay ahead of regulatory changes and business needs.

Key advancements in our redaction model:

• Multi-language support – Expanding beyond English and Spanish to global language models
• Improved AI accuracy – Higher precision in detecting complex & unstructured PII
• Flexible API & SDK integration – Making redaction easy to deploy across multiple customer environments

ASAPP’s commitment to privacy

Redaction is not just a compliance requirement—it is a fundamental part of our privacy-first AI strategy. By embedding real-time, AI-driven, and customer-configurable redaction into our platform, ASAPP ensures that businesses can leverage AI without compromising customer trust and data security.

See how we ensure safety and security of our gen AI products

Visit ASAPP's Trust Center