It is ultimately up to the organization to handle how many PII elements and which Allowlist/Denylist attributes to employ in a workflow. The workflow may check a single PII element or multiple PII elements in various combinations against the Allow or Deny List based on organizational needs. For instance, some workflows may deny applications based on just one PII element, such as SSN, email, or zip code. In contrast, some may deny applications based on multiple PII elements such as SSN, email, and zip code.
This article will cover how thresholds can be set up and explain how the Allow/Deny List works with multiple PII elements.
Within the Allowlist/Denylist tag’s threshold, your organization can use various combinations of PII elements to allow or deny certain applications. Below are some examples:
When using only one PII element from the Deny List to deny applications:
- Only the provided “SSN” is checked against the Deny List to deny applications:
- Only the provided “IP Address” is checked against the Deny List to deny applications:
- Only the provided “Funding Account number” is checked against the Allow List to allow approved applications:
A combination of two or more PII elements can be used. Each PII element will be checked against the Deny List to deny applications (or Allow List to approve). Only AND or OR operators can be used in the conditions, or both can be used in more sophisticated threshold conditions.
When two different attributes are checked against the Deny List with the OR operator. If one condition is satisfied (match), then the application is denied:
When four different attributes are checked against the Deny List with the AND operators. All conditions must be satisfied (all four PII elements must be found in the Deny List) for an application to be denied:
More complex condition use cases:
There are various ways to set up the Allowlist and Denylist attributes. The Allowlist/Denylist tag’s threshold is highly customizable. A single PII or multiple PII field(s) of a single individual can be uploaded to the Allow or Deny List. All PII element scores will be displayed in the raw response. However, only the PII fields specified and used in the threshold logic in the workflow will be checked against the Allow or Deny List, and each PII field will be checked separately. To learn more on how to identify which PII element(s) triggered the Allowlist or Denylist tag, check out here.
There are two types of PII to understand: “Fluid” and “Not Fluid.” Depending on the organization's use case, the workflow may use both exact matching (setting the Match Score attribute equal to 1) and fuzzy matching (setting the Matched attribute to either true/false (boolean)). Exact matching or fuzzy matching can be selectively and strategically used to do certain checks (example screenshot below):
Please don’t hesitate to contact support@alloy.com for further assistance and consider these other helpful articles:
- Allowlist and Denylist Settings
- How to add PII to the Allow or Deny List via CSV List Import
- Understanding the Allow and Deny List raw response in the evaluation’s summary
Comments
0 comments
Article is closed for comments.