香港身份證
Detects 香港身份證 patterns. This pattern is based on a Microsoft Purview built-in sensitive information type. Users already running Purview may prefer to enable the built-in SIT directly, or use this version as a starting point for customisation.
- Type
- regex
- Engine
- universal
- Confidence
- high
- Confidence justification
- High confidence: pattern has strong structural constraints (specific format, prefix, or character class restrictions) that significantly reduce false positive rates. Added context gating and exclusion rules improve precision and reduce incidental matches.
- Detection quality
- Verified
- Jurisdictions
- hk
- Frameworks
- ISO 27001, ISO 27701
- Data categories
- pii, government-id
- Scope
- narrow
- Risk rating
- 7
- Platform compatibility
- Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Compatible, Netskope: Compatible
Pattern
\b[A-Z]{1,2}\d{6}\([0-9A]\)Corroborative evidence keywords
HKID, 身份證, identity card, hong kong ID, ID number, identification, ID card, license, permit, registration, certificate, field, column, row, entry, record, value, form, register, database (+20 more)
Proximity: 300 characters
Should match
A123456(7)— HKID with single prefix letterAB987654(A)— HKID with two prefix lettersC456789(0)— Another HKID format
Should not match
A12345(7)— Too few digits (5 instead of 6)ABC123456(7)— Three prefix letters (too many)template example placeholder record identifier— Template/sample context should be excluded even when anchor words are present
Known false positives
- The distinctive format with parenthesized check digit is relatively specific but may appear in formatted reference numbers. Mitigation: The structured format with parenthesized check digit provides strong validation. Keyword context further improves accuracy.
- In multiple languages, similar terminology used in formal or administrative contexts (education, professional documentation) that does not constitute sensitive data collection. Mitigation: Layer with additional contextual signals such as structured identifiers, form fields, or database column headers to distinguish sensitive records from general references.