Sanitizing sensitive data that can't be stored at all


I’m currently trying to see if we could use Temporal into our solution. In our case, we would try and process banking transactions. therefore, there are some data that we are not allowed to store, even encrypted, because of the PCI DSS rules.

Is there a way to intercept data for sanitization, before they are stored to the persistent stores ?

Or would it be possible to completely disable the persistent stores ? Or do temporal really need persistent stores to run properly ?
If a temporal cluster really couldn’t start without stores, I was thinking of using a BLACKHOLE Storage Engine on my database so temporal can at least start, but then I don’t know it everything would run properly
We would therefore not be able to use the UI, but we have other methods for tracing.

Or maybe there is another solution to my problem I didn’t think of ?

If data cannot be persistent, you cannot guarantee resiliency against failures. If you don’t care about resiliency, you don’t need Temporal.