FortiGate
GabrFila
Staff
Article Id 413719
Description

This article explains why, under certain conditions, the built-in credit card DLP data type does not match valid credit card numbers when testing Data Loss Prevention (DLP) policies with ChatGPT.

Specifically, when a message contains multiple credit card numbers separated by new lines, only the first line is detected. The built-in credit card data type fails to identify valid credit card numbers in the subsequent lines.

Scope

FortiGate, FortiSASE.
Solution

To reproduce this issue, a policy must be applied to ChatGPT traffic with a DLP security profile and SSL deep inspection enabled. The expected behavior is that the system filters posts containing credit card numbers by leveraging the built-in credit card data type to match the traffic, including cases where the credit card numbers are presented as a list separated by new lines.

Steps to reproduce:

  • A DLP policy applied to ChatGPT traffic is needed. This policy must have SSL deep inspection enabled and the DLP profile applied:

[Screenshot: GabrFila_0-1759498015186.png]

[Screenshot: GabrFila_1-1759498015188.png]

  • A DLP security profile with a sensor that uses a dictionary matching the built-in DLP data type:

[Screenshot: GabrFila_2-1759498015189.png]

[Screenshot: GabrFila_3-1759498015189.png]

[Screenshot: GabrFila_4-1759498015191.png]

[Screenshot: GabrFila_5-1759498015192.png]

  • A ChatGPT post containing credit card numbers separated by new lines:

[Screenshot: GabrFila_6-1759498015196.png]

  • Notice that the post was not blocked by DLP, even though it contains multiple valid credit card numbers.

Root Cause:

Upon analysis, it was found that this behavior is related to how ChatGPT formats data before sending it to the server.

  • ChatGPT submits the content as JSON payloads.

  • In decrypted HTTP POST requests, the data appears as a JSON string formatted as follows, with the \n separator embedded literally in the string:

are these credit card numbers?\n4111111111111111\n4111 1111 1111 1111\n5555555555554444\n....

  • The built-in Credit Card data type uses this regular expression with word boundaries (\b):

\b([2-6]{1}\d{3})[- ]?(\d{4})[- ]?(\d{2})[- ]?(\d{2})[- ]?(\d{2,4})\b

  • Because the line break reaches the firewall as the two literal characters \ and n inside the JSON string rather than as a real newline character, the letter n (a word character) sits directly before the first digit of each card number. No word boundary exists at that position, so \b cannot match there and the regex fails to match the credit card numbers.

Solution / Workaround:

To address this, a custom dictionary data type can be created for credit card detection that omits the \b boundary used by the built-in data type.

This ensures that credit card numbers within ChatGPT traffic are detected correctly, even when separated by new lines.

Example configuration with the fix:

[Screenshot: GabrFila_7-1759498057743.png]

[Screenshot: GabrFila_8-1759498057744.png]

With this configuration, the traffic is matched by the DLP sensor and blocked correctly:

[Screenshot: GabrFila_9-1759498057745.png]

[Screenshot: GabrFila_10-1759498057746.png]

CLI configuration with the solution applied:

config firewall policy
    edit 24
        set name "chatgpt"
        set srcintf "fortilab-local-zone"
        set dstintf "virtual-wan-link"
        set action accept
        set srcaddr "all"
        set dstaddr "chatgpt"
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set inspection-mode proxy
        set ssl-ssh-profile "deep-inspection"
        set dlp-profile "block-cc-profile"
        set application-list "default"
        set logtraffic all
        set nat enable
    next
end

config dlp profile
    edit "block-cc-profile"
        set feature-set proxy
        config rule
            edit 1
                set name "block-cc"
                set type message
                set proto http-post
                set filter-by sensor
                set sensor "cc"
                set action block
            next
        end
    next
end

config dlp sensor
    edit "cc"
        config entries
            edit 1
                set dictionary "custom-cc"
            next
        end
    next
end

config dlp dictionary
    edit "custom-cc"
        config entries
            edit 1
                set type "regex"
                set pattern "/([2-6]{1}\\d{3})[- ]?(\\d{4})[- ]?(\\d{2})[- ]?(\\d{2})[- ]?(\\d{2,4})/m"
                set repeat enable
            next
        end
    next
end

Important considerations:

  • The modified regex is less restrictive than the built-in Credit Card data type.
  • This may result in false positives in some environments.
  • This workaround is intended specifically for ChatGPT transactions. Other applications or websites that format strings differently may not require this adjustment.
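The script below is an added illustration, not code from Fortinet or from this article. It reproduces the three points above with Python's re module standing in for the FortiGate regex engine (the assumption is that \b behaves the same way in both): the built-in pattern matches a prompt typed with real line breaks but not the JSON-serialised body where each line break has become a literal backslash-n, the custom pattern without \b matches the serialised body, and the custom pattern also fires on a constructed 20-digit reference number that the anchored built-in pattern ignores. The JSON field name "content", the sample prompt and the reference number are all constructed; the Luhn post-check is something I added to show how the extra hits of the looser pattern can be triaged when reviewing DLP logs, and is not a feature of the FortiGate dictionary.

```python
import json
import re

# Regular expression of the built-in Credit Card data type, as quoted in the article.
# The leading and trailing \b require a non-word character on each side of the number.
BUILTIN_CC = re.compile(
    r"\b([2-6]{1}\d{3})[- ]?(\d{4})[- ]?(\d{2})[- ]?(\d{2})[- ]?(\d{2,4})\b"
)

# Pattern of the custom dictionary from the workaround: same groups, no \b.
# The FortiOS entry carries a /m flag; re.MULTILINE is the Python equivalent
# (it only affects ^ and $, which this pattern does not use).
CUSTOM_CC = re.compile(
    r"([2-6]{1}\d{3})[- ]?(\d{4})[- ]?(\d{2})[- ]?(\d{2})[- ]?(\d{2,4})", re.MULTILINE
)

# Constructed sample prompt, typed with real line breaks (well-known test numbers).
TYPED_PROMPT = (
    "are these credit card numbers?\n"
    "4111111111111111\n"
    "4111 1111 1111 1111\n"
    "5555555555554444"
)

# Constructed approximation of the POST body on the wire: serialising the prompt
# to JSON turns each line break into the two characters backslash + n.
WIRE_BODY = json.dumps({"content": TYPED_PROMPT})

# Constructed false-positive sample: a 20-digit reference number whose first 16
# digits are not a valid card number but do satisfy the unanchored custom pattern.
REFERENCE_TEXT = "order ref 41111111111111122222 confirmed"


def find_cards(pattern: re.Pattern, text: str) -> list[str]:
    """Return the text of every match of `pattern` in `text`, in order."""
    return [m.group(0) for m in pattern.finditer(text)]


def newline_is_escaped(body: str) -> bool:
    """True when the body carries backslash-n sequences and no actual newline."""
    return "\\n" in body and "\n" not in body


def luhn_valid(candidate: str) -> bool:
    """Luhn checksum over the digits of `candidate` (spaces and dashes ignored)."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_plausible_cards(pattern: re.Pattern, text: str) -> list[str]:
    """Regex hits filtered by the Luhn check: a post-check the FortiGate dictionary
    does not apply, added here to show how the looser pattern's hits can be triaged."""
    return [hit for hit in find_cards(pattern, text) if luhn_valid(hit)]


if __name__ == "__main__":
    print("wire body:", WIRE_BODY)
    print("newline escaped on the wire:", newline_is_escaped(WIRE_BODY))
    print("built-in on typed prompt:", find_cards(BUILTIN_CC, TYPED_PROMPT))
    print("built-in on wire body:   ", find_cards(BUILTIN_CC, WIRE_BODY))
    print("custom on wire body:     ", find_cards(CUSTOM_CC, WIRE_BODY))
    print("custom on reference text:", find_cards(CUSTOM_CC, REFERENCE_TEXT))
    print("after Luhn filter:       ", find_plausible_cards(CUSTOM_CC, REFERENCE_TEXT))
```

Running the script shows the built-in pattern finding all three numbers in the typed prompt and none in the serialised body, while the custom pattern finds all three in the serialised body but also picks up the first 16 digits of the reference number, which the trailing \b of the built-in pattern would have rejected; that extra hit is exactly the false-positive class the considerations above warn about.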