Teudat Zehut

Detects Teudat Zehut patterns. This pattern is based on a Microsoft Purview built-in sensitive information type. Users already running Purview may prefer to enable the built-in SIT directly, or use this version as a starting point for customisation.

Type

regex

Engine

universal

Confidence

medium

Confidence justification

Medium confidence: pattern has structural constraints but corroborative keywords are recommended to reduce false positive rates. Context label evidence plus explicit template/example exclusion improves precision for high-risk identifiers. Added context gating and exclusion rules improve precision and reduce incidental matches.

Detection quality

Verified

Jurisdictions

il

Regulations

Protection of Privacy Law (Israel)

Frameworks

ISO 27001, ISO 27701

Data categories

pii, government-id

Scope

narrow

Risk rating

9

Platform compatibility

Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Compatible, Netskope: Compatible

Pattern

\b\d{9}\b

Corroborative evidence keywords

teudat zehut, identity number, national ID, ID number, identification, ID card, license, permit, registration, certificate, data record, database record, record set, data extract, data export, database table, spreadsheet, data registry, registry entry, master data (+13 more)

Proximity: 300 characters

Should match

• 123456789 — Nine-digit Israeli national ID
• 987654321 — Another nine-digit ID
• 456789012 — Valid format national ID

Should not match

• 12345678 — Too few digits (8)
• 1234567890 — Too many digits (10)
• reference code AB-4471 for the order — Short alphanumeric reference, not a nine-digit national ID
• template example placeholder record identifier — Template/sample context should be excluded even when anchor words are present

Known false positives

• Nine-digit numeric sequences are common in phone numbers, bank accounts, and other administrative references. Mitigation: Require corroborative evidence keywords such as "teudat zehut" or "identity number" within the proximity window.
• In multiple languages, similar terminology used in formal or administrative contexts (education, professional documentation) that does not constitute sensitive data collection. Mitigation: Layer with additional contextual signals such as structured identifiers, form fields, or database column headers to distinguish sensitive records from general references.

References

• Israel National ID entity definition - Microsoft Learn