SID-DATA-06 — PII Field Encryption for User Records
| Property | Value |
|---|---|
| Status | to_do |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Data Protection Controls |
Description
Enterprise identity fields (email, OIDC subject) in the users
collection should be encrypted or hashed at rest as defense-in-depth.
If lookup by email is required, store a keyed HMAC alongside the
encrypted value for indexing. Username and display_name should
also be encrypted.
Severity downgraded from HIGH to MEDIUM — the wallet provider
operates under a Data Processing Agreement (DPA) with the relying
party (GDPR Art. 28), providing legal coverage. Field-level
encryption remains recommended per Art. 32.
See compliance/gdpr-findings.md §2 P-3.
Issue: go-wallet-backend#86.
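
The encrypt-plus-keyed-HMAC-index pattern described above, as an added Go example; it is not code from go-wallet-backend. Assumptions: AES-256-GCM as the field cipher, HMAC-SHA256 for the index, trim and lowercase as email normalization, and the function names and constructed key shown here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"strings"
)

// NewAEAD builds AES-256-GCM from a 32-byte field-encryption key (assumed cipher choice).
func NewAEAD(encKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal returns nonce || ciphertext || tag, with a fresh random nonce per value.
func Seal(a cipher.AEAD, plaintext string) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, []byte(plaintext), nil), nil
}

// Open reverses Seal and rejects truncated or tampered values.
func Open(a cipher.AEAD, blob []byte) (string, error) {
	if len(blob) < a.NonceSize() {
		return "", fmt.Errorf("sealed value too short")
	}
	pt, err := a.Open(nil, blob[:a.NonceSize()], blob[a.NonceSize():], nil)
	return string(pt), err
}

// BlindIndex is the deterministic keyed HMAC stored beside the ciphertext; indexKey must differ from encKey.
func BlindIndex(indexKey []byte, email string) string {
	mac := hmac.New(sha256.New, indexKey)
	mac.Write([]byte(strings.ToLower(strings.TrimSpace(email)))) // assumed normalization
	return fmt.Sprintf("%x", mac.Sum(nil))
}

func main() {
	fmt.Println("email_idx:", BlindIndex([]byte("constructed-index-key"), " Alice@Example.com "))
}
```

A lookup by email computes `BlindIndex` over the query value and matches it against the stored index field; the sealed value is only opened after the record is found.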
Components
Source References
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| P-3 — Enterprise identity fields stored as plaintext | medium | open |