Dynamic Data Masking
It is used to mask sensitive data.
It support 4 type of masks.
1. Default dependent on the type of data.

1. binary, varbinary, image: using ASCII value 0
2. date, datetime2, datetime, datetimeoffset, smalldatetime, time: using 01.01.1900 00:00:00.0000000
3. bigint, bit, decimal, int, money, numeric, smallint, smallmoney, tinyint, float, real: using 0
4. string: using XXXX or fewer Xs

2. Custom string show the first and last letters and adds a custom padding string in the middle.

3. Email only show the first letter and a constant .com suffix

4. Random use a random value within a specified range for anumeric type.

DDM does not support:

1. Always Encrypted encrypted columns
2. COLUMN_SET
3. FILESTREAM data
4. Computed column

DDM’s column cannot be a key for a FULLTEXT index.

DDM of Default type

-- Set the column named "TESTING" masked by Default
ALTER COLUMN TESTING ADD MASKED WITH (FUNCTION = 'default()')

DDM of Custom String

-- Set the column named "CSTRING" masked by Custom String
-- partial(1,"XXXXXXX",0) ABCDEFGHIJK -> AXXXXXXX
ALTER COLUMN CSTRING ADD MASKED WITH (FUNCTION = 'partial(1,"XXXXXXX",0)')
-- partial(1,"XXXXXXX",0) ABCDEFGHIJK -> AXXXXXXXIJK
ALTER COLUMN CSTRING ADD MASKED WITH (FUNCTION = 'partial(1,"XXXXXXX",9)')

DDM of Email type

-- Set the column named "TEMAIL" masked by Email
ALTER COLUMN TEMAIL ADD MASKED WITH (FUNCTION = 'email()')

DDM of Random type

-- Set the column named "RTESTING" masked by Random value
-- with a range between 1 ~ 20
ALTER COLUMN RTESTING ADD MASKED WITH (FUNCTION = 'random(1, 20)')