Fields for filtering findings
To help you analyze findings more efficiently, the Amazon Macie console and the Amazon Macie API provide access to several sets of fields for filtering findings:
-
Common fields – These fields store data that applies to any type of finding. They correlate to common attributes of findings such as severity, finding type, and finding ID.
-
Affected resource fields – These fields store data about the resources that a finding applies to, such as the name, tags, and encryption settings for an affected S3 bucket or object.
-
Policy fields – These fields store data that's specific to policy findings, such as the action that produced a finding, and the entity that performed the action.
-
Sensitive data classification fields – These fields store data that's specific to sensitive data findings, such as the category and types of sensitive data that Macie found in an affected S3 object.
A filter can use a combination of fields from any of the preceding sets.
The topics in this section list and describe the individual fields that you can use to filter findings. For additional details about these fields, including any relationships between the fields, see Findings in the Amazon Macie API Reference.
Common fields
The following table lists and describes fields that you can use to filter findings based on common finding attributes. These fields store data that applies to any type of finding.
In the table, the Field column indicates the name of the field on the Amazon Macie console. The JSON field column uses dot notation to indicate the name of the field in JSON representations of findings and the Amazon Macie API. The Description column provides a brief description of the data that the field stores, and indicates any requirements for filter values. The table is sorted in ascending alphabetical order by field, and then by JSON field.
| Field | JSON field | Description |
|---|---|---|
|
Account ID* |
|
The unique identifier for the AWS account that the finding applies to. This is typically the account that owns the affected resource. |
| — |
|
A Boolean value that specifies whether the finding was suppressed (automatically archived) by a suppression rule. To use this field in a filter on the console, choose an option on the Finding status menu: Archived (suppressed only), Current (unsuppressed only), or All (both suppressed and unsuppressed). |
|
Category |
|
The category of the finding. The console provides a list of values to choose from when you add this field to a filter. In the API, valid values are:
|
| — |
|
The total number of occurrences of the finding. For sensitive data findings, this value
is always This field isn't available as a filter option on the console. With the API, you can use this field to define a numeric range for a filter. |
|
Created at |
|
The date and time when Macie created the finding. You can use this field to define a time range for a filter. |
|
Finding ID* |
|
The unique identifier for the finding. This is a random string that Macie generates and assigns to a finding when it creates the finding. |
|
Finding type* |
|
The type of the finding—for example,
The console provides a list of values to choose from when you add this field to a filter. For a list of valid values in the API, see FindingType in the Amazon Macie API Reference. |
|
Region |
|
The AWS Region that Macie created the finding in—for
example, |
|
Sample |
|
A Boolean value that specifies whether the finding is a sample finding. A sample finding is a finding that uses example data and placeholder values to demonstrate what a finding might contain. The console provides a list of values to choose from when you add this field to a filter. |
|
Severity |
|
The qualitative representation of the finding's severity. The console provides a list of values to choose from when you add this field to a filter. In the API, valid values are:
|
|
Updated at |
|
The date and time when the finding was last updated. For sensitive data findings, this value is the same as the value for the Created at field. All sensitive data findings are considered new (unique). You can use this field to define a time range for a filter. |
* To specify multiple values for this field on the console, add a condition that uses the field and specifies a distinct value for the filter, and then repeat that step for each additional value. To do this with the API, use an array that lists the values to use for the filter.
Affected resource fields
The following topics list and describe the fields that you can use to filter findings based on the resource that a finding applies to. The topics are organized by resource type.
S3 bucket
The following table lists and describes fields that you can use to filter findings based on characteristics of the S3 bucket that a finding applies to.
In the table, the Field column indicates the name of the field on the Amazon Macie console. The JSON field column uses dot notation to indicate the name of the field in JSON representations of findings and the Amazon Macie API. (Longer JSON field names use the newline character sequence (\n) to improve readability.) The Description column provides a brief description of the data that the field stores, and indicates any requirements for filter values. The table is sorted in ascending alphabetical order by field, and then by JSON field.
| Field | JSON field | Description |
|---|---|---|
|
— |
|
The date and time when the affected bucket was created, or changes such as edits to the bucket's policy were most recently made to the affected bucket. This field isn't available as a filter option on the console. With the API, you can use this field to define a time range for a filter. |
|
S3 bucket default encryption |
|
The server-side encryption algorithm that's used by default to encrypt objects that are added to the affected bucket. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for the API, see EncryptionType in the Amazon Macie API Reference. |
|
S3 bucket encryption KMS key id* |
|
The Amazon Resource Name (ARN) or unique identifier (key ID) for the AWS KMS key that's used by default to encrypt objects that are added to the affected bucket. |
|
S3 bucket encryption required by bucket policy |
|
Specifies whether the bucket policy for the affected bucket requires server-side encryption of objects when objects are added to the bucket. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for the API, see S3Bucket in the Amazon Macie API Reference. |
|
S3 bucket name* |
|
The full name of the affected bucket. |
|
S3 bucket owner display name* |
|
The display name of the AWS user who owns the affected bucket. |
|
S3 bucket public access permission |
|
Specifies whether the affected bucket is publicly accessible based on a combination of permissions settings that apply to the bucket. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for the API, see BucketPublicAccess in the Amazon Macie API Reference. |
|
— |
|
A Boolean value that specifies whether Amazon S3 blocks public access control lists (ACLs) for the affected bucket and objects in the bucket. This is an account-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 blocks public bucket policies for the affected bucket. This is an account-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 ignores public ACLs for the affected bucket and objects in the bucket. This is an account-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 restricts public bucket policies for the affected bucket. This is an account-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether the bucket-level ACL for the affected bucket grants the general public with read access permissions for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether the bucket-level ACL for the affected bucket grants the general public with write access permissions for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 blocks public ACLs for the affected bucket and objects in the bucket. This is a bucket-level, block public access setting for a bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 blocks public bucket policies for the affected bucket. This is a bucket-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 ignores public ACLs for the affected bucket and objects in the bucket. This is a bucket-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether Amazon S3 restricts public bucket policies for the affected bucket. This is a bucket-level, block public access setting for the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether the affected bucket's policy allows the general public to have read access to the bucket. This field isn't available as a filter option on the console. |
|
— |
|
A Boolean value that specifies whether the affected bucket's policy allows the general public to have write access to the bucket. This field isn't available as a filter option on the console. |
|
S3 bucket tag key* |
|
A tag key that's associated with the affected bucket. |
|
S3 bucket tag value* |
|
A tag value that's associated with the affected bucket. |
* To specify multiple values for this field on the console, add a condition that uses the field and specifies a distinct value for the filter, and then repeat that step for each additional value. To do this with the API, use an array that lists the values to use for the filter.
S3 object
The following table lists and describes fields that you can use to filter findings based on characteristics of the S3 object that a finding applies to.
In the table, the Field column indicates the name of the field on the Amazon Macie console. The JSON field column uses dot notation to indicate the name of the field in JSON representations of findings and the Amazon Macie API. The Description column provides a brief description of the data that the field stores, and indicates any requirements for filter values. The table is sorted in ascending alphabetical order by field, and then by JSON field.
| Field | JSON field | Description |
|---|---|---|
|
S3 object encryption KMS key id* |
|
The Amazon Resource Name (ARN) or unique identifier (key ID) for the AWS KMS key that was used to encrypt the affected object. |
|
S3 object encryption type |
|
The server-side encryption algorithm that was used to encrypt the affected object. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for the API, see EncryptionType in the Amazon Macie API Reference. |
| — |
|
The file name extension of the affected object. For objects
that don't have a file name extension, specify This field isn't available as a filter option on the console. |
| — |
|
The date and time when the affected object was created or last changed, whichever is latest. This field isn't available as a filter option on the console. With the API, you can use this field to define a time range for a filter. |
| S3 object key* |
|
The full name (key) of the affected object, including the object's prefix if applicable. |
| — |
|
The full path to the affected object, including the name of the affected bucket and the object's name (key). This field isn't available as a filter option on the console. |
| S3 object public access |
|
A Boolean value that specifies whether the affected object is publicly accessible based on a combination of permission settings that apply to the object. The console provides a list of values to choose from when you add this field to a filter. |
| S3 object tag key* |
|
A tag key that's associated with the affected object. |
| S3 object tag value* |
|
A tag value that's associated with the affected object. |
* To specify multiple values for this field on the console, add a condition that uses the field and specifies a distinct value for the filter, and then repeat that step for each additional value. To do this with the API, use an array that lists the values to use for the filter.
Policy fields
The following table lists and describes fields that you can use to filter policy findings. These fields store data that's specific to policy findings.
In the table, the Field column indicates the name of the field on the Amazon Macie console. The JSON field column uses dot notation to indicate the name of the field in JSON representations of findings and the Amazon Macie API. (Longer JSON field names use the newline character sequence (\n) to improve readability.) The Description column provides a brief description of the data that the field stores, and indicates any requirements for filter values. The table is sorted in ascending alphabetical order by field, and then by JSON field.
| Field | JSON field | Description |
|---|---|---|
|
Action type |
|
The type of action that produced the finding. The only valid value
for this field is |
|
API call name* |
|
The name of the operation that was invoked most recently and produced the
finding—for example,
|
|
API service name* |
|
The URL of the AWS service that provides the operation that was invoked and produced
the finding—for example,
|
|
— |
|
The first date and time when any operation was invoked and produced the finding. This field isn't available as a filter option on the console. With the API, you can use this field to define a time range for a filter. |
|
— |
|
The most recent date and time when the specified operation
(API call name or This field isn't available as a filter option on the console. With the API, you can use this field to define a time range for a filter. |
|
— |
|
The domain name of the device that was used to perform the action. This field isn't available as a filter option on the console. |
|
IP city* |
|
The name of the originating city for the IP address of the device that was used to perform the action. |
|
IP country* |
|
The name of the originating country for the IP address of the
device that was used to perform the action—for example,
|
|
— |
|
The Autonomous System Number (ASN) for the autonomous system that included the IP address of the device that was used to perform the action. This field isn't available as a filter option on the console. |
|
IP owner ASN org* |
|
The organization identifier that's associated with the ASN for the autonomous system that included the IP address of the device that was used to perform the action. |
|
IP owner ISP* |
|
The name of the internet service provider (ISP) that owned the IP address of the device that was used to perform the action. |
|
IP V4 address* |
|
The Internet Protocol version 4 (IPv4) address of the device that was used to perform the action. |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
|
User identity assumed role account id* |
|
For an action performed with temporary security credentials that
were obtained using the |
| User identity assumed role principal id* |
|
For an action performed with temporary security credentials that
were obtained using the |
| User identity assumed role session ARN* |
|
For an action performed with temporary security credentials that
were obtained using the |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
| User identity AWS account account id* |
|
For an action performed using the credentials for another AWS account, the unique identifier for the account. |
| User identity AWS account principal id* |
|
For an action performed using the credentials for another AWS account, the unique identifier for the entity that performed the action. |
| User identity AWS service invoked by |
|
For an action performed by an account that belongs to an AWS service, the name of the service. |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
| User identity federated session ARN* |
|
For an action performed with temporary security credentials that
were obtained using the |
| User identity federated user account id* |
|
For an action performed with temporary security credentials that
were obtained using the |
| User identity federated user principal id* |
|
For an action performed with temporary security credentials that
were obtained using the |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
|
— |
|
For an action performed with temporary security credentials
that were obtained using the This field isn't available as a filter option on the console. |
| User identity IAM account id* |
|
For an action performed using an IAM user's credentials, the unique identifier for the AWS account that's associated with the IAM user who performed the action. |
| User identity IAM principal id* |
|
For an action performed using an IAM user's credentials, the unique identifier for the IAM user who performed the action. |
| User identity IAM user name* |
|
For an action performed using an IAM user's credentials, the username of the IAM user who performed the action. |
| User identity root account id* |
|
For an action performed using the credentials for your AWS account, the unique identifier for the account. |
| User identity root principal id* |
|
For an action performed using the credentials for your AWS account, the unique identifier for the entity that performed the action. |
| User identity type |
|
The type of entity that performed the action that produced the finding. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for the API, see UserIdentityType in the Amazon Macie API Reference. |
* To specify multiple values for this field on the console, add a condition that uses the field and specifies a distinct value for the filter, and then repeat that step for each additional value. To do this with the API, use an array that lists the values to use for the filter.
Sensitive data classification fields
The following table lists and describes fields that you can use to filter sensitive data findings. These fields store data that's specific to sensitive data findings.
In the table, the Field column indicates the name of the field on the Amazon Macie console. The JSON field column uses dot notation to indicate the name of the field in JSON representations of findings and the Amazon Macie API. The Description column provides a brief description of the data that the field stores, and indicates any requirements for filter values. The table is sorted in ascending alphabetical order by field, and then by JSON field.
| Field | JSON field | Description |
|---|---|---|
|
Custom data identifier ID* |
|
The unique identifier for the custom data identifier that detected the data and produced the finding. |
|
Custom data identifier name* |
|
The name of the custom data identifier that detected the data and produced the finding. |
|
Custom data identifier total count |
|
The total number of occurrences of data that was detected by custom data identifiers and produced the finding. You can use this field to define a numeric range for a filter. |
|
Job ID* |
|
The unique identifier for the sensitive data discovery job that produced the finding. |
|
Origin type |
|
How Macie found the sensitive data that produced the finding:
|
|
— |
|
The type of content, as a MIME type, that the finding applies
to—for example, This field isn't available as a filter option on the console. |
|
— |
|
The total storage size, in bytes, of the S3 object that the finding applies to. This field isn't available as a filter option on the console. With the API, you can use this field to define a numeric range for a filter. |
|
Result status code* |
|
The status of the finding. Valid values are:
|
|
Sensitive data category |
|
The category of sensitive data that was detected and produced the finding. The console provides a list of values to choose from when you add this field to a filter. In the API, valid values are:
|
|
Sensitive data detection type |
|
The type of sensitive data that was detected and produced the finding. The console provides a list of values to choose from when you add this field to a filter. For a list of valid values for both the console and the API, see Sensitive data detection types. |
|
Sensitive data total count |
|
The total number of occurrences of the sensitive data that was detected and produced the finding. You can use this field to define a numeric range for a filter. |
* To specify multiple values for this field on the console, add a condition that uses the field and specifies a distinct value for the filter, and then repeat that step for each additional value. To do this with the API, use an array that lists the values to use for the filter.
Sensitive data detection types
The following topics list values that you can specify for the Sensitive
data detection type field in a filter. (The JSON name of this field
is classificationDetails.result.sensitiveData.detections.type.) The
topics are organized by the categories of sensitive data that Macie can detect using
managed data identifiers.
Categories
To learn more about the managed data identifier for a specific type of sensitive data, see Detailed reference: Amazon Macie managed data identifiers.
Credentials
You can specify the following values to filter findings that report occurrences of credentials data in S3 objects.
| Sensitive data type | Filter value |
|---|---|
| AWS secret access key | AWS_CREDENTIALS |
| Google Cloud API key | GCP_API_KEY |
| HTTP Basic Authorization header | HTTP_BASIC_AUTH_HEADER |
| JSON Web Token (JWT) | JSON_WEB_TOKEN |
| OpenSSH private key | OPENSSH_PRIVATE_KEY |
| PGP private key | PGP_PRIVATE_KEY |
| Public Key Cryptography Standard (PKCS) private key | PKCS |
| PuTTY private key | PUTTY_PRIVATE_KEY |
| Stripe API key | STRIPE_CREDENTIALS |
Financial information
You can specify the following values to filter findings that report occurrences of financial information in S3 objects.
| Sensitive data type | Filter value |
|---|---|
| Bank account number | BANK_ACCOUNT_NUMBER (for Canada and the
US) |
| Basic Bank Account Number (BBAN) | Depending on country or region:
FRANCE_BANK_ACCOUNT_NUMBER,
GERMANY_BANK_ACCOUNT_NUMBER, ITALY_BANK_ACCOUNT_NUMBER,
SPAIN_BANK_ACCOUNT_NUMBER,
UK_BANK_ACCOUNT_NUMBER |
| Credit card expiration date | CREDIT_CARD_EXPIRATION |
| Credit card magnetic stripe data | CREDIT_CARD_MAGNETIC_STRIPE |
| Credit card number | CREDIT_CARD_NUMBER (for credit card numbers in
proximity of a keyword),
CREDIT_CARD_NUMBER_(NO_KEYWORD) (for credit
card numbers not in proximity of a keyword) |
| Credit card verification code | CREDIT_CARD_SECURITY_CODE |
| International Bank Account Number (IBAN) | Depending on country or region:
ALBANIA_BANK_ACCOUNT_NUMBER,
ANDORRA_BANK_ACCOUNT_NUMBER,
BOSNIA_AND_HERZEGOVINA_BANK_ACCOUNT_NUMBER,
BRAZIL_BANK_ACCOUNT_NUMBER, BULGARIA_BANK_ACCOUNT_NUMBER,
COSTA_RICA_BANK_ACCOUNT_NUMBER, CROATIA_BANK_ACCOUNT_NUMBER,
CYPRUS_BANK_ACCOUNT_NUMBER,
CZECH_REPUBLIC_BANK_ACCOUNT_NUMBER,
DENMARK_BANK_ACCOUNT_NUMBER,
DOMINICAN_REPUBLIC_BANK_ACCOUNT_NUMBER,
EGYPT_BANK_ACCOUNT_NUMBER, ESTONIA_BANK_ACCOUNT_NUMBER,
FAROE_ISLANDS_BANK_ACCOUNT_NUMBER,
FINLAND_BANK_ACCOUNT_NUMBER, FRANCE_BANK_ACCOUNT_NUMBER,
GEORGIA_BANK_ACCOUNT_NUMBER, GERMANY_BANK_ACCOUNT_NUMBER,
GREECE_BANK_ACCOUNT_NUMBER, GREENLAND_BANK_ACCOUNT_NUMBER,
HUNGARY_BANK_ACCOUNT_NUMBER, ICELAND_BANK_ACCOUNT_NUMBER,
IRELAND_BANK_ACCOUNT_NUMBER, ITALY_BANK_ACCOUNT_NUMBER,
JORDAN_BANK_ACCOUNT_NUMBER, KOSOVO_BANK_ACCOUNT_NUMBER,
LIECHTENSTEIN_BANK_ACCOUNT_NUMBER,
LITHUANIA_BANK_ACCOUNT_NUMBER, MALTA_BANK_ACCOUNT_NUMBER,
MAURITANIA_BANK_ACCOUNT_NUMBER,
MAURITIUS_BANK_ACCOUNT_NUMBER, MONACO_BANK_ACCOUNT_NUMBER,
MONTENEGRO_BANK_ACCOUNT_NUMBER,
NETHERLANDS_BANK_ACCOUNT_NUMBER,
NORTH_MACEDONIA_BANK_ACCOUNT_NUMBER,
POLAND_BANK_ACCOUNT_NUMBER, PORTUGAL_BANK_ACCOUNT_NUMBER,
SAN_MARINO_BANK_ACCOUNT_NUMBER, SENEGAL_BANK_ACCOUNT_NUMBER,
SERBIA_BANK_ACCOUNT_NUMBER, SLOVAKIA_BANK_ACCOUNT_NUMBER,
SLOVENIA_BANK_ACCOUNT_NUMBER, SPAIN_BANK_ACCOUNT_NUMBER,
SWEDEN_BANK_ACCOUNT_NUMBER, SWITZERLAND_BANK_ACCOUNT_NUMBER,
TIMOR_LESTE_BANK_ACCOUNT_NUMBER,
TUNISIA_BANK_ACCOUNT_NUMBER, TURKIYE_BANK_ACCOUNT_NUMBER,
UK_BANK_ACCOUNT_NUMBER, UKRAINE_BANK_ACCOUNT_NUMBER,
UNITED_ARAB_EMIRATES_BANK_ACCOUNT_NUMBER,
VIRGIN_ISLANDS_BANK_ACCOUNT_NUMBER (for the British
Virgin Islands) |
Personal information: Personal health information (PHI)
You can specify the following values to filter findings that report occurrences of personal health information (PHI) in S3 objects.
| Sensitive data type | Filter value |
|---|---|
| Drug Enforcement Agency (DEA) Registration Number | US_DRUG_ENFORCEMENT_AGENCY_NUMBER |
| Health Insurance Claim Number (HICN) | USA_HEALTH_INSURANCE_CLAIM_NUMBER |
| Health insurance or medical identification number | Depending on country or region: CANADA_HEALTH_NUMBER,
EUROPEAN_HEALTH_INSURANCE_CARD_NUMBER,
FINLAND_EUROPEAN_HEALTH_INSURANCE_NUMBER,
FRANCE_HEALTH_INSURANCE_NUMBER, UK_NHS_NUMBER,
USA_MEDICARE_BENEFICIARY_IDENTIFIER |
| Healthcare Common Procedure Coding System (HCPCS) code | USA_HEALTHCARE_PROCEDURE_CODE |
| National Drug Code (NDC) | USA_NATIONAL_DRUG_CODE |
| National Provider Identifier (NPI) | USA_NATIONAL_PROVIDER_IDENTIFIER |
| Unique device identifier (UDI) | MEDICAL_DEVICE_UDI |
Personal information: Personally identifiable information (PII)
You can specify the following values to filter findings that report occurrences of personally identifiable information (PII) in S3 objects.
| Sensitive data type | Filter value |
|---|---|
| Birth date | DATE_OF_BIRTH |
| Driver’s license identification number | Depending on country or region: AUSTRALIA_DRIVERS_LICENSE,
AUSTRIA_DRIVERS_LICENSE, BELGIUM_DRIVERS_LICENSE,
BULGARIA_DRIVERS_LICENSE, CANADA_DRIVERS_LICENSE,
CROATIA_DRIVERS_LICENSE, CYPRUS_DRIVERS_LICENSE,
CZECHIA_DRIVERS_LICENSE, DENMARK_DRIVERS_LICENSE,
DRIVERS_LICENSE (for the US),
ESTONIA_DRIVERS_LICENSE, FINLAND_DRIVERS_LICENSE,
FRANCE_DRIVERS_LICENSE, GERMANY_DRIVERS_LICENSE,
GREECE_DRIVERS_LICENSE, HUNGARY_DRIVERS_LICENSE,
INDIA_DRIVERS_LICENSE, IRELAND_DRIVERS_LICENSE,
ITALY_DRIVERS_LICENSE, LATVIA_DRIVERS_LICENSE,
LITHUANIA_DRIVERS_LICENSE, LUXEMBOURG_DRIVERS_LICENSE,
MALTA_DRIVERS_LICENSE, NETHERLANDS_DRIVERS_LICENSE,
POLAND_DRIVERS_LICENSE, PORTUGAL_DRIVERS_LICENSE,
ROMANIA_DRIVERS_LICENSE, SLOVAKIA_DRIVERS_LICENSE,
SLOVENIA_DRIVERS_LICENSE, SPAIN_DRIVERS_LICENSE,
SWEDEN_DRIVERS_LICENSE, UK_DRIVERS_LICENSE |
| Electoral roll number | UK_ELECTORAL_ROLL_NUMBER |
| Full name | NAME |
| Global Positioning System (GPS) coordinates | LATITUDE_LONGITUDE |
| HTTP cookie | HTTP_COOKIE |
| Mailing address | ADDRESS, BRAZIL_CEP_CODE |
| National identification number | Depending on country or region: BRAZIL_RG_NUMBER,
FRANCE_NATIONAL_IDENTIFICATION_NUMBER,
GERMANY_NATIONAL_IDENTIFICATION_NUMBER,
INDIA_AADHAAR_NUMBER, ITALY_NATIONAL_IDENTIFICATION_NUMBER,
SPAIN_DNI_NUMBER |
| National Insurance Number (NINO) | UK_NATIONAL_INSURANCE_NUMBER |
| Passport number | Depending on country or region: CANADA_PASSPORT_NUMBER, FRANCE_PASSPORT_NUMBER,
GERMANY_PASSPORT_NUMBER, ITALY_PASSPORT_NUMBER,
SPAIN_PASSPORT_NUMBER, UK_PASSPORT_NUMBER,
USA_PASSPORT_NUMBER |
| Permanent residence number | CANADA_NATIONAL_IDENTIFICATION_NUMBER |
| Phone number | Depending on country or region: BRAZIL_PHONE_NUMBER, FRANCE_PHONE_NUMBER,
GERMANY_PHONE_NUMBER, ITALY_PHONE_NUMBER,
PHONE_NUMBER (for Canada and the US),
SPAIN_PHONE_NUMBER, UK_PHONE_NUMBER |
| Social Insurance Number (SIN) | CANADA_SOCIAL_INSURANCE_NUMBER |
| Social Security number (SSN) | Depending on country or region: SPAIN_SOCIAL_SECURITY_NUMBER,
USA_SOCIAL_SECURITY_NUMBER |
| Taxpayer identification or reference number | Depending on country or region: AUSTRALIA_TAX_FILE_NUMBER, BRAZIL_CNPJ_NUMBER,
BRAZIL_CPF_NUMBER, FRANCE_TAX_IDENTIFICATION_NUMBER,
GERMANY_TAX_IDENTIFICATION_NUMBER,
INDIA_PERMANENT_ACCOUNT_NUMBER, SPAIN_NIE_NUMBER,
SPAIN_NIF_NUMBER, SPAIN_TAX_IDENTIFICATION_NUMBER,
UK_TAX_IDENTIFICATION_NUMBER,
USA_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER |
| Vehicle identification number (VIN) | VEHICLE_IDENTIFICATION_NUMBER |
