PII Hashing Configuration

`are_identities_hashed` & `hash_identities`

These two configuration options work together to control how the Zeotap React Native SDK handles Personal Identifiable Information (PII) like email addresses and phone numbers when you call the setUserIdentities function. Correctly configuring these options is crucial for ensuring data is processed according to your intended hashing strategy.

PII

These configuration only affect PIIs sent using setUserIdentities function. Recognised PIIs are cellno, email, loginid. Learn more about PIIs

Options Definitions

are_identities_hashed
- Type: Boolean
- Default: false
- Description: Tells the SDK whether the PII values you are providing in the setUserIdentities call are already hashed. If true, you must use the specific hashed keys (e.g., email_sha256_lowercase).
hash_identities
- Type: Boolean
- Default: false
- Description: Tells the SDK whether it should perform client-side hashing (SHA-256) on raw PII values (email, cellno, loginid) provided to setUserIdentities before sending the data to the Zeotap backend.

Default Behavior

If you do not explicitly set are_identities_hashed or hash_identities during SDK initialization:

are_identities_hashed defaults to false.
hash_identities defaults to false.

This means by default, the SDK sends raw PII values without any client-side hashing.

Combined usage

`are_identities_hashed`	`hash_identities`	Resulting Scenario
`false`	`false`	Sending Raw Identifiers (Default)
`true`	`false`	Sending Pre-Hashed Identifiers
`false`	`true`	SDK Performs Hashing
`true`	`true`	Invalid

Scenario 1: Sending Raw Identifiers (Default)

const options = {
    android_write_key: "YOUR_ANDROID_WRITE_KEY",
    ios_write_key: "YOUR_IOS_WRITE_KEY",
    are_identities_hashed: false,   // or omit (default)
    hash_identities: false          // or omit (default)
};

initialiseZeoCollect(options);

// Later in your code
import { setUserIdentities } from 'zeo-collect';

setUserIdentities({
    email: "user@example.com",     // Raw email
    cellno: "1 2345678901"         // Raw phone number
});

Scenario 2: Sending Pre-Hashed Identifiers

const options = {
    android_write_key: "YOUR_ANDROID_WRITE_KEY",
    ios_write_key: "YOUR_IOS_WRITE_KEY",
    are_identities_hashed: true,
    hash_identities: false
};

initialiseZeoCollect(options);

// Later in your code - using hashed keys
setUserIdentities({
    email_sha256_lowercase: "5d41402abc4b2a76b9719d911017c592",  // Pre-hashed email
    cellno_sha256: "e3b0c44298fc1c149afbf4c8996fb924"             // Pre-hashed phone
});

Scenario 3: SDK Performs Hashing

const options = {
    android_write_key: "YOUR_ANDROID_WRITE_KEY",
    ios_write_key: "YOUR_IOS_WRITE_KEY",
    are_identities_hashed: false,
    hash_identities: true
};

initialiseZeoCollect(options);

// Later in your code
setUserIdentities({
    email: "user@example.com",     // Raw email - SDK will hash
    cellno: "1 2345678901"         // Raw phone - SDK will hash
});

Recommendation

It is highly recommended to explicitly set both are_identities_hashed and hash_identities in your initialization options to clearly document your intended hashing strategy and avoid potential confusion.

Invalid Configuration

Setting both are_identities_hashed: true and hash_identities: true simultaneously is an invalid configuration.

This creates a conflict: the SDK is being told to hash data that is also being declared as already hashed. This can lead to incorrect, double-hashed data.

Do not use this combination.

Hashing Algorithm

When hash_identities is set to true, the React Native SDK uses SHA-256/SHA-1/MD-5 hashing algorithm to hash PII values before transmission.

setUserIdentities API Reference
Configuration Overview for all available SDK options

are_identities_hashed & hash_identities​

Options Definitions​

Default Behavior​

Combined usage​

Scenario 1: Sending Raw Identifiers (Default)​

Scenario 2: Sending Pre-Hashed Identifiers​

Scenario 3: SDK Performs Hashing​

Hashing Algorithm​

Related Topics​