The Sensitive Data Masking feature allows message fields to be designated as holding sensitive data by adding the attribute sensitive="1" to the element describing the field. Fields so designated are masked in the diagnostic and HTTP logs and in memory. For example, a request or response containing the following dictionary structure:

<type name="CardHolderData">
	<element name="name" type="string" offset="0" size="32"/>
    <element name="cardNumber" type="string" size="32" sensitive="1"/>
</type>

Would appear in the diagnostic log as shown in the following fragments:

{
	"CardHolderData": {
		"name" : "John Doe",
        "cardNumber" : "****************"
	}
}
0x00000000: 4a6f 686e 2044 6f65 6800 0000 0000 0000  00000000: John Doe........
0x00000010: 0000 0000 0000 0000 0000 0000 0000 0000  00000016: ................
0x00000020: 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a  00000032: ****************
0x00000030: 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a 2a2a  00000048: ****************