How does masking work in each environment?
PC (PCI), FG pod
- Masking is turned on by default in the PC (PCI) and FG pods using the F5 Load Balancers (the "Application Scanning Modules" or "Web Application Firewalls" in the F5s . The request can be made to turn it on or off.
- Credit Card (CC) and Social Security Number (SSN) masking are configured separately. You can enable or disable one or both.
- It will scan everything (subject, body, also including custom fields).
- CC and SSN masking is interface specific.
In the November 2013 and newer releases, you can enable the Incident Thread Masking feature to automatically mask incident thread content that matches common patterns, such as credit card, social security, and telephone numbers. Answer ID 6316 - Enable Incident Thread masking feature.
If the F5 or the Incident Thread Masking product feature is enabled, it will be masked but potentially in a different way depending on which is on. If they are both on, the Incident Thread Masking feature would take precedence because it masks the data when stored.
If neither is on it will not be masked.
With the Incident Thread Masking feature enabled, it masks data as it comes in and the result is stored in the database (i.e. you will see XXX-XXX-XXXX).
With F5 masking turned on, data remains unmasked in the database, but masked when displayed on the Customer Portal (end-user pages) or in the Oracle Service Cloud administration console (i.e. looks like ****-******). If you have Incident Thread Masking enabled, the F5 will not mask it because it will already be masked, and not match any of the masking patterns.
- CC and SSN masking are configured separately. You can enable or disable one or both.
- When enabled in Chat, the mask will affect both the client and agent. The actual digits for the CC and SSN are visible to the sender and not passed through the chat. (Receiver will see the masked number ex. xxx-xx-xxxx or xxxx-xxxx-xxxx-xxxx)
- At the point of completion the chat is added to the incident record and the CC and SSN are masked permanently.
NOTE: It is not possible to disable masking for Chat for a particular interface, as masking for Chat is configured site wide. In order to enable or disable this functionality, a change request has to be made by the Primary Support Contact of your organization via a service request. The service request will then be escalated to our Cloud Hosting Management Team to make the change.
For more information, refer to the following resources:
- Answer ID 5622: Credit Card and Social Security Number Masking in the PC (PCI) or FG Pod
- Answer ID 5623: PCI (PC Pod) Frequently Asked Questions
- Answer ID 6316: Enable Incident Thread masking feature
Additional information is available in the 'Masking information in incident threads' section in online documentation for the version your site is running. To access Oracle Service Cloud manuals and documentation online, refer to the Documentation for Oracle Service Cloud Products.