kratos
Add Support for Masking Identifiers (Email and Phone) in Settings and Interfaces
Preflight checklist
- [X] I could not find a solution in the existing issues, docs, nor discussions.
- [X] I agree to follow this project's Code of Conduct.
- [X] I have read and am following this repository's Contribution Guidelines.
- [X] I have joined the Ory Community Slack.
- [X] I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe your problem
The current implementation of Ory Kratos displays full email addresses and phone numbers in various settings and user interfaces, such as profile settings. This can potentially expose users' sensitive information, leading to privacy and security risks.
Describe your ideal solution
I would like to request a feature that allows for masking email addresses and phone numbers in all relevant settings and user interfaces. The solution should include:
Settings and Profile Pages:
Mask email addresses and phone numbers when displayed in profile settings (e.g., "j***@example.com" and "+***1234").
Code Sending Interfaces:
Mask identifiers in interfaces where verification codes are sent (e.g., "A verification code was sent to j***@example.com" and "A verification code was sent to +***1234").
This masking should be consistent across all relevant interfaces and should ensure that users' sensitive information is adequately protected.
Workarounds or alternatives
Currently, there are limited workarounds available, such as manually masking identifiers before displaying them in custom interfaces. However, this approach is not scalable and can lead to inconsistencies.
Implementing this feature directly within Ory Kratos would provide a standardized, reliable, and maintainable solution, ensuring that all users benefit from enhanced privacy and security by default.
Version
v0.13.0
Additional Context
No response
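The manual masking workaround the issue describes, sketched in Go as an added example; it is not part of the original issue or of Kratos itself. The function names, the fail-closed fallbacks and the eight-digit minimum for phone numbers are assumptions of this example.

```go
package main

import (
	"fmt"
	"strings"
)

// MaskEmail (hypothetical helper) keeps the first character of the local part and the domain: "j***@example.com".
func MaskEmail(addr string) string {
	at := strings.LastIndex(addr, "@")
	if at <= 0 || at == len(addr)-1 {
		return "***" // no local part or no domain: reveal nothing
	}
	local := []rune(addr[:at])
	if len(local) == 1 {
		return "***" + addr[at:] // showing the only character would expose the whole local part
	}
	return string(local[0]) + "***" + addr[at:]
}

// MaskPhone (hypothetical helper) keeps only the last four digits: "+***1234".
func MaskPhone(number string) string {
	var digits []rune
	for _, r := range number {
		if r >= '0' && r <= '9' {
			digits = append(digits, r)
		}
	}
	if len(digits) < 8 { // assumed threshold: four visible digits would be half or more of the number
		return "+***"
	}
	return "+***" + string(digits[len(digits)-4:])
}

// MaskIdentifier (hypothetical helper) picks a mask by shape and hides anything it does not recognise.
func MaskIdentifier(id string) string {
	id = strings.TrimSpace(id)
	if strings.Contains(id, "@") {
		return MaskEmail(id)
	}
	if strings.HasPrefix(id, "+") {
		return MaskPhone(id)
	}
	return "***"
}

func main() {
	fmt.Println(MaskIdentifier("jane.doe@example.com"), MaskIdentifier("+1 (555) 010-1234")) // constructed samples
}
```

Masking at render time only changes what the page shows; the API response or flow payload behind the UI must carry the masked value too, otherwise the full identifier is still readable in the browser's network traffic.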