How does credit card number and social security number masking work in the PC or FG pod?
PCI/DSS, PC pod, FG pod, masking
Oracle Service Cloud
Masking Primary Account Numbers (PANs) is a feature for sites in the PC or FG pod, i.e. credit card and social security numbers.
By default the F5 Load Balancers (the "Application Scanning Modules" or "Web Application Firewalls" in the F5s) will mask the PANs when accessing the site via the Agent Desktop or Web interface.
Example: ****-****-****-**** or ***-**-****
Additional helpful masking information:
-CC and SSN masking are configured separately. You can enable one or both.
-It will scan everything (subject, body, including custom fields).
-Since forwarding incidents results in sending emails outside the Oracle Service Cloud application, it is not recommended to forward incidents outside of your organization. CC and SSN will not be masked outside of CX. Therefore, if an agent replies to an incident with a credit card number or SSN, while it will appear masked on the agents end, the customer would see that information in the email recieved.
-There are two types of masking: in the admin console, or on enduser page (for a
- The pods use Luhn algorithm (checksum formula) to determine whether or not the
number is a CC or SSN. Random numbers will NOT be masked.
-CC and SSN masking is interface specific for incidents and site wide for chat.
-A change request has to be made by the Primary Support Contact of your organization via an service request. The service request will then be escalated to our Cloud Hosting Management Team to make the change.
For more information on implementing in a regulated environment such as PCI or HIPAA, please see Answer ID 9570: Guidance for Implementing in PCI or HIPAA Service Cloud Environment for specific deployment considerations.
See also Answer ID 7856: Social Security Number not getting masked in chat transcript for more information on masked formats.