--- title: Predefined profiles description: Reference information for Predefined profiles in Cloudflare One. image: https://developers.cloudflare.com/zt-preview.png --- > Documentation Index > Fetch the complete documentation index at: https://developers.cloudflare.com/cloudflare-one/llms.txt > Use this file to discover all available pages before exploring further. [Skip to content](#%5Ftop) ### Tags [ Compliance ](https://developers.cloudflare.com/search/?tags=Compliance) # Predefined profiles Cloudflare Zero Trust provides predefined DLP profiles for common types of sensitive data. Some profiles include built-in validation checks to increase detection accuracy. Others use profile-specific matching logic to reduce false positives. You can also configure [advanced settings](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/dlp-profiles/advanced-settings/) for predefined profiles. ## AI Prompt DLP provides AI prompt protection with the following predefined profiles: * AI Prompt: AI Security * AI Prompt: Customer * AI Prompt: Financial Information * AI Prompt: PII * AI Prompt: Technical For more information on included detection entries, refer to [AI prompt topics](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/detection-entries/configure-detection-entries/#ai-prompt-topics). ## Credentials and Secrets The following secrets are validated with regex. * Amazon Web Services (AWS) keys * Azure API keys * Google Cloud Platform keys * SSH keys The following Cloudflare API credentials are validated algorithmically using a checksum. Only credentials generated after [Cloudflare's token format update](https://developers.cloudflare.com/fundamentals/api/get-started/token-formats/) will be matched by these entries. | Detection entry | Format | | ---------------------------------- | ----------------------------------------------------------------------------- | | Cloudflare User API Key | cfk\_ followed by 40 alphanumeric characters and an 8-character hex checksum | | Cloudflare User API Token | cfut\_ followed by 40 alphanumeric characters and an 8-character hex checksum | | Cloudflare Account Owned API Token | cfat\_ followed by 40 alphanumeric characters and an 8-character hex checksum | ## Financial Information Availability This predefined profile is available on all Zero Trust plans. Credit card numbers begin with a six or eight-digit Issuer Identification Number (IIN) and are followed by up to 23 additional digits. Card verification values (CVVs) are not validated. In the table below, entries use one of three validation methods. [Luhn's algorithm ↗](https://en.wikipedia.org/wiki/Luhn%5Falgorithm) is a checksum formula used to verify credit card numbers. Entries validated "with checksum" use an arithmetic check specific to that number format. Entries validated "with regex" match a known text pattern without performing a mathematical check. | Detection entry | Notes | | -------------------------------- | ------------------------------------------------------------------------------------- | | American Express Card Number | Validated using [Luhn's algorithm ↗](https://en.wikipedia.org/wiki/Luhn%5Falgorithm). | | American Express Text | Text matching amex or american express. | | Diners Club Card Number | Validated using Luhn's algorithm. | | Generic CVV Card Number | Validated with regex. | | Mastercard Card Number | Validated using Luhn's algorithm. | | Mastercard Text | Text matching mastercard. | | Union Pay Card Number | Validated using Luhn's algorithm. | | Union Pay Text | Text matching union pay. | | Visa Card Number | Validated using Luhn's algorithm. | | Visa Text | Text matching visa. | | United States ABA Routing Number | Validated algorithmically with checksum. | | IBAN | Validated with checksum. | ## HTTP Archive The **Unsanitized HAR** predefined profile detects HTTP Archive (HAR) files in traffic that have not been processed by Cloudflare's HAR sanitizer. HAR files frequently contain sensitive data such as session cookies, authorization headers, and other credentials. | Detection entry | Notes | | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | Unsanitized HAR file | Detects HAR files that do not carry a Cloudflare sanitized marker. Files processed by the Cloudflare HAR sanitizer and unmodified since will not match this entry. | You can use this profile in a Gateway HTTP policy to block HAR file uploads or redirect users to `https://har-sanitizer.pages.dev/` to sanitize the file before uploading. For more information, refer to [common DLP policies](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/dlp-policies/common-policies/). ## Health Information The following diagnosis and medication names are checked for surrounding ASCII characters to prevent false positives. * FDA active ingredients * FDA drug names * ICD-10 FY2023 short descriptions ## Personally Identifiable Information (PII) Record The **Personally Identifiable Information (PII) Record** predefined profile is designed to detect records that contain multiple types of personal data. Unlike most predefined and custom DLP profiles, this profile matches only when at least three unique detection entries are found in close proximity. This behavior helps reduce false positives from isolated matches. The profile includes the following detection entries: * AU Passport Number * American Express Card Number * Diners Club Card Number * US Driver's License Number * Email Address * Full Name * US Mailing Address * Mastercard Card Number * US Individual Tax Identification Number (ITIN) * US Passport Number * US Phone Number * Union Pay Card Number * United States SSN Numeric Detection * Visa Card Number ## Social Security, Insurance, Tax, and Identifier Numbers Availability This predefined profile is available on all Zero Trust plans. The following national identifier detections are validated algorithmically when possible. | Detection entry | Notes | | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | United States SSN Numeric Detection | Matched values must include commonly used separators. For example, 000-00-0000 matches but 000000000 does not. Unlike credit card numbers, Social Security numbers have no built-in checksum, so DLP validates the format only. | | Social Security Number Text | Text matching ssn or social security. | | Australia Tax File Number | Validated with checksum. | | Canada Social Insurance Number | Validated using Luhn's algorithm. | | France Social Security Number | Validated with regex. | | Hong Kong Identity Card (HKIC) Number | Validated with checksum. | | Indonesia Identity Card Number | Validated with regex. | | Malaysian National Identity Card Number | Validated with regex. | | Philippines Unified Multi-Purpose ID (UMID) Number | Validated with regex. | | Singapore National Registration Identity Card Number | Validated with checksum. | | Taiwan National Identification Number | Validated with checksum. | | Thai Identity Card Number | Validated with checksum. | | United Kingdom NHS Number | Validated with checksum. | | United Kingdom National Insurance Number | Validated with regex. | ## Source Code The following programming languages are validated with natural language processing (NLP). * C * C++ * C# * Go * Haskell * Java * JavaScript * Lua * Python * R * Rust * Swift ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/cloudflare-one/","name":"Cloudflare One"}},{"@type":"ListItem","position":3,"item":{"@id":"/cloudflare-one/data-loss-prevention/","name":"Data loss prevention"}},{"@type":"ListItem","position":4,"item":{"@id":"/cloudflare-one/data-loss-prevention/dlp-profiles/","name":"DLP profiles"}},{"@type":"ListItem","position":5,"item":{"@id":"/cloudflare-one/data-loss-prevention/dlp-profiles/predefined-profiles/","name":"Predefined profiles"}}]} ```