How to Update Privacy Settings for FullStory for Mobile Apps

Available for the following Plan types:

FullStory Enterprise*

FullStory Business*

FullStory Free

*with the following add-on:

FullStory for Mobile Apps

Available to the following User roles:





Understand the basics of FullStory privacy capabilities and feel confident utilizing them with our new FullStory Privacy 101 interactive course.

By default, all text nodes will be masked until you choose to either unmask or exclude selectors in the privacy settings.

Before getting into how to update Privacy Settings for FullStory for Mobile Apps, it's worth clarifying the following terminology: Excluding and Masking.

  • Excluding - View “exclusion” refers to the existing process of completely removing a view node and its subtree from the data capture stream. It is replaced with a placeholder node that shows only a rectangle where the original node was displayed. All events targeting it are ignored. This is done upon request using a “blacklist” of nodes to be excluded.
  • Masking - View “masking” is the new approach to masking sensitive end-user data from the view hierarchy. A masked node will have all text replaced with irreversibly-transformed placeholder text, meant to resemble a wireframe of the original content. Any view metadata required for rendering, but not containing end-user data, will be preserved. This allows masked and captured nodes to be nested in one another in a way that’s not possible with excluded nodes.

Note: User input within a masked or excluded element will not be searchable within FullStory.

Exclude element entirely: The inner contents of the element are not captured. Additionally, any clicks, taps or interactions with this element will not be visualized in playback and will not be searchable. Excluded elements are represented in playback with grey and white diagonal lines:


Mask element content on client: The inner contents of the element are not captured. For text nodes, the number of characters and approximate typing behavior will be captured. Taps, clicks, and other interactions will be visible in playback and will be searchable.

Unmask element content on client: All element data is captured.

Capture with user consent: Gives you the ability to selectively capture parts of your site or application based on explicit user consent. (more info)


Exclude or Mask Elements using Code-first Approach

We would recommend taking a code-first approach for modifying privacy settings for mobile apps. The complete set of pre-configured classes that may be applied to control privacy are:

Type Always applied * Consent-modified **
Excluded elements fs-exclude fs-exclude-without-consent
Masked elements fs-mask fs-mask-without-consent
Unmasked elements fs-unmask fs-unmask-with-consent


To control privacy settings via code, mobile applications can make use of FS.addClass.

For Android:

// The password field should be entirely excluded
FS.addClass(myPasswordView, "fs-exclude");
// The hint label field does not contain PII, so it should always be unmasked
FS.addClass(myPasswordHintLabelView, "fs-unmask");

For iOS (Objective-C):

// The password field should be entirely excluded
[FS addClass:myPasswordView className:@"fs-exclude"];
// The hint label field does not contain PII, so it should always be unmasked
[FS addClass:myPasswordHintLabelView className:@"fs-unmask"];


Modify Privacy Settings using Inspect Mode

1. While viewing a mobile app session, click Page Insights

page insights pt 1.png


2. Click an element to modify

page insights pt 2.png


3. Click "Create data capture rule"

page insights pt 3.png

4. Update the element privacy setting and save


Exclusion Example



Masking / Unmasking Example




Need to get in touch with us?

The FullStory Team awaits your every question.

Contact us